CHAPTER SUMMARY

There are different types of VPNs and related protocols. These include IPSec, Layer 2 Tunneling Protocol (L2TP), Secure Sockets Layer (SSL)/Transport Layer Security (TLS), and Secure Shell (SSH). There are several advantages and disadvantages of hardware and software solutions. After reading this chapter, you should be able to determine which solution would be appropriate in your environment.

You learned how some of the challenges associated with establishing performance and stability for VPNs can affect the performance and stability of the VPN. You also learned about the issues network address translation (NAT) can present when rolling out a VPN, as well as the impact of both client and VPN virtualization on your VPN and network.

KEY CONCEPTS AND TERMS

Authentication Header (AH)

Desktop virtualization

Encapsulating Security Payload (ESP)

Internet Engineering Task Force (IETF)

Internet Key Exchange (IKE)

Layer 2 Forwarding (L2F) Protocol

Layer 2 Tunneling Protocol (L2TP)

Network address translation (NAT)

Perfect forward secrecy

Point-to-Point Protocol (PPP)

Point-to-Point Tunneling Protocol (PPTP)

Request for comments

Root cause

Secure Shell (SSH)

VPN concentrator

CHAPTER 11 ASSESSMENT

  1. What are the two modes supported by IPSec? (Multiple answers are correct.)
    1. Transition
    2. Tunnel
    3. Transport
    4. Encrypted
  2. Pick two benefits of SSL/TLS over the use of IPSec VPNs. (Multiple answers are correct.)
    1. Many more deployments in corporate settings
    2. Fewer firewall rules required
    3. Granular access control
    4. Support typically available immediately following the release of a new OS
  3. Which of the following is an IPSec protocol that negotiates, creates, and manages security associations?
    1. Authentication Header
    2. Encapsulating Security Payload
    3. Internet Key Exchange
    4. Transportation Authentication
  4. Which of the following is not a part of IPv6 IPSec cryptography?
    1. Confidentiality
    2. Data origin authentication
    3. Data integrity
    4. Translation services
  5. Which of the following is not a benefit of virtualized SSL VPN environments?
    1. Added security for multigroup environments
    2. Delegation of management
    3. Greater flexibility
    4. Redundant hardware installation
  6. Which of the following is a true statement regarding IPSec?
    1. It supports Windows and Linux environments, but not Apple Mac OSs.
    2. It provides secure node-on-network connectivity.
    3. It is set to 56-bit encryption for speed.
    4. It has replaced the need for SSL-based VPNs.
  7. Which of the following is not a major component of the SSH protocol?
    1. Connection Protocol
    2. Datagram Protection Protocol
    3. Transport Layer Protocol
    4. User Authentication Protocol
  8. Which of the following is used by IPSec and provides integrity protection for packet headers and data, as well as user authentication?
    1. Authentication Header (AH)
    2. Encapsulating Security Payload (ESP)
    3. Internet Key exchange (IKE)
    4. Secure Shell (SSH)
  9. Which of the following are the two main types of NAT?
    1. Dynamic and static
    2. Inbound and outbound
    3. Encrypted and filtered
    4. Hidden and shielded
  10. Which of the following is not a benefit of SSL/TLS over the use of IPSec VPNs?
    1. Client flexibility
    2. Guaranteed uptime
    3. Less expense
    4. Platform independence
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
18.226.133.49