Flashcards in Chapter 13 - Supplement - Sheet1 Deck (49)
Access Control List. Reside on routers to determine which packets are allowed to route through based on requesting device's source or destination IP address
Virtual Private Network. Makes a local host part of a remote network by using an encrypted connection over a WLAN link
3 categories of VPNs
Remote-access VPNs, site-to-site VPNs, Extranet VPNs
Remote Access VPNs
Allow remote users to securely access the corporate network wherever and whenever they need to.
Site to Site VPNs
AKA intranet VPNs. Allow a company to connect its remote sites to the corporate backbone securely over a public medium like the Internet.
Allow an org's suppliers, partners, and customers to be connected to the corporate network in a limited way for business-to-business
Secure Sockets Layer. Protocol developed by Netscape to encrypt data transmissions
A method used to establish a secure VPN connection
Method for establishing VPNs. Point-to-Point Tunneling Protocol. Developed by Microsoft, Lucent Technologies, 3COM. Not found much anymore.
IP Security. Standard protocol for VPNs today.
Two protocols within IPSec
AH, ESP. Authentication Header and Encapsulating Security Payload
Two modes of IPSec
Transport Mode, Tunneling Mode
Internet Security Association and Key Management Protocol. Framework for safely transferring key and authentication data
Symmetrical Key Encryption
Sender and receiver have the same key and use it to encrypt and decrypt all messages.
Data Encryption Standard. Uses symmetrical encryption keys. No longer secure.
Triple Data Encryption Standard. Improvement on DES. Max encryption of just 168 bits of security (or 112 bits security, relatively speaking)
Advanced Encryption Standard. Official encryption standard in the US since 2002. Key lengths at 128, 192, or 256 bits.
Public Key Encryption
Uses the Diffie-Hellman algorithm, which uses a public key to encrypt data and a private key to decrypt it. Sender gets recipient's public key and encrypts data using it. Receiver decrypts using its private key.
Two types of encryption
Public Key Encryption, Symmetrical Key Encryption
Two examples of Public Key Encryption
RSA (Rivest, Shamir, and Adleman) -- The company formed by the MIT professors who created it. And PGP (Pretty Good Privacy)
Six examples of methods to create remote-access connections
RAS, RDP, PPP, PPPoE, ICA, SSH
Remote Access Services. Refers to the combination of hardware and software required to make a remote-access connection. Used by Microsoft
Remote Desktop Protocol. Used by Windows users, though other OSes can use it so long as they have an RDP client.
Point-to-point Protocol. Layer 2 protocol that provides authentication, encryption, and compression services to clients logging in remotely. ISPs use this to authenticate clients accessing via modem
Point-to-point protocol over ethernet. Extension of PPP. Encapsulates PPP frames within Ethernet frames.
Independent Computing Architecture. Protocol used by Citrix Systems to provide communication between servers and clients. Primarily used for Citrix's WinFrame, which allows users to run Windows Applications on a WinFrame server from any OS.
Secure Shell. Secure alternative to Telnet.
3 Ways a user can be identified via Single Sign On
Something they know (password), something they are (retinas, fingerprint, facial recognition), something they possess (Smart card)
Common user authentication methods
PKI, Kerberos, AAA, NAC, CHAP, MS-CHAP, EAP