Chapter 13 - Supplement - Sheet1 Flashcards Preview

Flashcards in Chapter 13 - Supplement - Sheet1 Deck (49):
1

ACL

Access Control List. Resides on routers to determine which packets are allowed to route through, based on the requesting device's source or destination IP address.

2

VPN

Virtual Private Network. Makes a local host part of a remote network by using an encrypted connection over a WLAN link

3

3 categories of VPNs

Remote-access VPNs, site-to-site VPNs, Extranet VPNs

4

Remote Access VPNs

Allow remote users to securely access the corporate network wherever and whenever they need to.

5

Site to Site VPNs

AKA intranet VPNs. Allow a company to connect its remote sites to the corporate backbone securely over a public medium like the Internet.

6

Extranet VPNs

Allow an org's suppliers, partners, and customers to be connected to the corporate network in a limited way for business-to-business

7

SSL

Secure Sockets Layer. Protocol developed by Netscape to encrypt data transmissions

8

SSL VPN

A method used to establish a secure VPN connection

9

PPTP

Method for establishing VPNs. Point-to-Point Tunneling Protocol. Developed by Microsoft, Lucent Technologies, 3COM. Not found much anymore.

10

IPSec

IP Security. Standard protocol for VPNs today.

11

Two protocols within IPSec

AH, ESP. Authentication Header and Encapsulating Security Payload

12

Two modes of IPSec

Transport Mode, Tunneling Mode

13

ISAKMP

Internet Security Association and Key Management Protocol. Framework for safely transferring key and authentication data

14

Symmetrical Key Encryption

Sender and receiver have the same key and use it to encrypt and decrypt all messages.

15

DES

Data Encryption Standard. Uses symmetrical encryption keys. No longer secure.

16

3DES

Triple Data Encryption Standard. Improvement on DES. Max encryption of just 168 bits of security (or 112 bits security, relatively speaking)

17

AES

Advanced Encryption Standard. Official encryption standard in the US since 2002. Key lengths at 128, 192, or 256 bits.

18

Public Key Encryption

Uses the Diffie-Hellman algorithm, which uses a public key to encrypt data and a private key to decrypt it. Sender gets recipient's public key and encrypts data using it. Receiver decrypts using its private key.

19

Two types of encryption

Public Key Encryption, Symmetrical Key Encryption

20

Two examples of Public Key Encryption

RSA (Rivest, Shamir, and Adleman) -- The company formed by the MIT professors who created it. And PGP (Pretty Good Privacy)

21

Six examples of methods to create remote-access connections

RAS, RDP, PPP, PPPoE, ICA, SSH

22

RAS

Remote Access Services. Refers to the combination of hardware and software required to make a remote-access connection. Used by Microsoft

23

RDP

Remote Desktop Protocol. Used by Windows users, though other OSes can use it so long as they have an RDP client.

24

PPP

Point-to-Point Protocol. Layer 2 protocol that provides authentication, encryption, and compression services to clients logging in remotely. ISPs use this to authenticate clients accessing via modem

25

PPPoE

Point-to-Point Protocol over Ethernet. Extension of PPP. Encapsulates PPP frames within Ethernet frames.

26

ICA

Independent Computing Architecture. Protocol used by Citrix Systems to provide communication between servers and clients. Primarily used for Citrix's WinFrame, which allows users to run Windows applications on a WinFrame server from any OS.

27

SSH

Secure Shell. Secure alternative to Telnet.

28

3 Ways a user can be identified via Single Sign On

Something they know (password), something they are (retinas, fingerprint, facial recognition), something they possess (Smart card)

29

Common user authentication methods

PKI, Kerberos, AAA, NAC, CHAP, MS-CHAP, EAP

30

PKI

Public Key Infrastructure. Method of user authentication. What we used on the web with a certificate authority (CA) and public / private keys to confirm someone's identity

31

Kerberos

Method of user authentication. Open source security system. Issues users tickets as they log in, which are used to access resources. Tickets expire but are renewed by the server. Dependent on all PCs in the system to have sync'd clocks.

32

AAA

Authentication, Authorization, and Accounting. Conceptual models for managing network security through one central location. Also AAAA, which adds auditing

33

Common implementations of AAA

RADIUS, TACACS+

34

RADIUS and TACACS+

Implementations of AAA. Remote Authentication Dial-In User Service. Terminal Access Controller Access-Control System Plus. Authentication and accounting service used for verifying users over various types of network connections. ISPs use a RADIUS server to store usernames and passwords of their clients. Handles authentication on behalf of wireless APs, RAS servers, or LAN switches.

35

Differences between RADIUS and TACACS+

RADIUS combines user authentication and authorization into one profile. TACACS+ separates the two. TACACS+ utilizes TCP but RADIUS uses UDP (connectionless). TACACS is considered more stable and more secure.

36

NAC

Network Access Control. Authentication method. Secures network hosts before they're allowed to access the network.

37

CHAP

Authentication method. Challenge Handshake Authentication Protocol. Secure authentication protocol -- username and password never cross the wire. Both client and server are configured with a shared secret. Server challenges client with random data to encrypt via one-way hash to prove its credentials.

38

MS-CHAP

Microsoft Challenge Handshake Authentication Protocol. Just like CHAP, but Microsoft encrypts the shared secret locally, while CHAP stores it locally in cleartext.

39

EAP

Extensible Authentication Protocol. Authentication method. Extension of PPP. Provides additional authentication methods for remote-access clients, like smart cards, certificates, biometric schemes, voice recognition, etc.

40

What two types of addresses can access control lists filter?

IP Addresses, MAC addresses

41

Which encryption protocol works with both IPv4 and IPv6?

IPSec

42

Which encryption protocol or standard allows you to create a private network on an intranet?

SSL VPN

43

Which user-authentication method uses a public key and private key pair?

PKI

44

In an authentication system that uses private and public keys, who should have access to the private key?

Only the owner of the key

45

Which authentication method relies on tickets to grant access to resources?

Kerberos

46

In computer security, what does AAA stand for?

Authentication, Authorization, and Accounting

47

Which network access security method is commonly used in wireless networks?

802.1x

48

Which user-authentication method is available only in an all-Windows environment?

MS-CHAP

49

Which user-authentication method utilizes the TCP protocol?

TACACS+