Term
What are the following?
• Dial-up modems (legacy)
• Leased line / ISDN (router-to-router)
• VPN (leveraging Internet access) |
|
Definition
|
|
Term
What are the following?
Connect to LAN over dial-up (obsolete) or DSL / cable (PPPoA / PPPoE) |
|
Definition
Ways To Use Point To Point Protocol (PPP) |
|
|
Term
Point-to-Point Tunneling Protocol (PPTP) |
|
Definition
Encapsulates PPP to provide security
Uses Microsoft Encryption
Ports: TCP port 1723 (control link) and GRE (IP protocol 47) |
|
|
Term
Layer 2 Tunneling Protocol (L2TP) |
|
Definition
• Generally used on Cisco solutions
• Interoperable with different frame types and protocols
• Encryption provided by IPsec
• Link negotiation is encrypted
• UDP port 1701 |
|
|
Term
|
Definition
• Use TLS to negotiate a secure connection, authenticated by PKI certificates
• Tunnel network traffic over TLS
• Can use TCP or UDP
• OpenVPN
• Secure Socket Tunneling Protocol (SSTP) |
|
|
Term
|
Definition
Configure VPN to start automatically when trusted network link is detected |
|
|
Term
|
Definition
The client accesses the Internet directly using its "native" IP configuration and DNS servers |
|
|
Term
|
Definition
Internet access is mediated by the corporate network |
|
|
Term
|
Definition
Provides confidentiality and/or integrity through Authentication Header (AH) and Encapsulating Security Payload (ESP). |
|
|
Term
Authentication Header (AH) |
|
Definition
• Signs packet but does not encrypt payload
• Provides authentication / integrity only |
|
|
Term
Encapsulating Security Payload (ESP) |
|
Definition
|
|
Term
|
Definition
Encrypts just the payload |
|
|
Term
|
Definition
Encrypts the original IP header and replaces it with another. |
|
|
Term
Handles authentication and key exchange (Security Associations) |
|
Definition
Internet Security Association and Key Management Protocol (ISAKMP) |
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
• Makes IPsec a standalone VPN protocol
• Support for EAP authentication methods |
|
|
Term
|
Definition
• Provides remote terminal and file copy services with encryption
• Can be used with port forwarding to secure particular applications
• Uses private/public keys for server authentication |
|
|
Term
What port do SCP and SSH use? |
|
Definition
|
|
Term
Remote Desktop Protocol (RDP) |
|
Definition
Windows GUI remote admin tool with encrypted communications |
|
|
Term
Remote Desktop Protocol (RDP) TCP port? |
|
Definition
|
|
Term
How To Harden Remote Access Client Side |
|
Definition
• Malware protection
• Prevent password caching
• File security
• Secure local administrative account |
|
|
Term
How To Harden Remote Access Server Side |
|
Definition
• Only run service if required
• Document server configuration
• Define policy restrictions |
|
|