CHAPTER SUMMARY

VPN management is a complex activity that requires attention to detail and good documentation. A variety of best practices may assist you in your VPN deployment and ongoing support. Selecting and deploying a VPN solution that meets your business requirements is essential. This includes deciding between open-source and commercial VPN solutions when selecting your product. Understanding the threats, attacks, and mitigations and ensuring that your VPN is available are key components of success. In addition, you must understand the difference between privacy and anonymity; know the difference between personal/individual and enterprise/network solutions; and, finally, be able to train your users well. Once you have mastered all these facets of successful VPN rollout and support, you will be ready to move on to other security topics.

KEY CONCEPTS AND TERMS

Anonymity

Bypass deployment

Hairpinning

Hot Standby Router Protocol (HSRP)

Privacy

Service level agreement (SLA)

Slideware

Two-factor authentication

Virtual Router Redundancy Protocol (VRRP)

Vulnerability management

CHAPTER 10 ASSESSMENT

  1. Which of the following is not one of the three most common VPN deployment architectures?
    1. Bypass
    2. DMZ
    3. Internally connected
    4. Modified
  2. Which of the following is not a threat common to software and hardware VPNs?
    1. Backdoor attack
    2. Denial of service
    3. Missing patches
    4. Split tunneling
  3. Which of the following is one of the most common and easily exploited vulnerabilities on any hardware network device?
    1. Weak default password
    2. Accessible power switch
    3. Default tunneling
    4. No multifactor authentication
  4. Which of the following is not a threat common to software and hardware VPNs?
    1. Weak authentication
    2. Weak client security
    3. Weak encryption key
    4. Weak user name
  5. Which of the following is a benefit of a commercial VPN solution over open-source solutions?
    1. Less cost
    2. Product support
    3. More flexibility
    4. Access to the code
  6. Which of the following is not a component of a VPN policy?
    1. Definitions
    2. Introduction
    3. Scope
    4. Troubleshooting
  7. Which of the following is not a VPN best practice?
    1. Back up the configuration
    2. Permit split tunneling
    3. Employ vulnerability management
    4. Select based on best reviews
  8. Which of the following is the term for malicious code entering the network and making a sharp turn into the secure network?
    1. Boomerang
    2. Curving
    3. Hairpinning
    4. U-turning
  9. What is the term for a VPN deployment in which traffic between the VPN and the internal network is not firewalled?
    1. Alternative deployment
    2. Bypass deployment
    3. Differential deployment
    4. Internally connected deployment
  10. Which of the following is not part of multifactor authentication?
    1. Something you are
    2. Something you have
    3. Something you know
    4. Something you wear
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
3.21.159.189