[ITS164L] Chapter 7 - Securing Site-to-Site Connectivity

0.0(0)
Studied by 0 people
call kaiCall Kai
Locked
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
GameKnowt Play
Card Sorting

1/33

encourage image

There's no tags or description

Looks like no tags are added yet.

Last updated 1:42 PM on 6/29/26
Name
Mastery
Learn
Test
Matching
Spaced
Call with Kai
Chat

No analytics yet

Send a link to your students to track their progress

34 Terms

1
New cards

Security

is a concern when using the public Internet to conduct business.

2
New cards

Virtual Private Networks (VPNs)

are used to ensure the security of data across the Internet.

3
New cards

VPN

is used to create a private tunnel over a public network

4
New cards

VPNs

used to create an end-to-end private network connection over third-party networks such as the Internet or extranets.

5
New cards

tunnel

eliminates the distance barrier and enables remote users to access central site network resources

6
New cards

VPN

a private network created via tunneling over a public network, usually the Internet.

7
New cards

VPN

communications environment in which access is strictly controlled to permit peer connections within a defined community of interest.

8
New cards

first VPNs

were strictly IP tunnels that did not include authentication or encryption of the data.

9
New cards

Generic Routing Encapsulation (GRE)

a tunneling protocol developed by Cisco that can encapsulate a wide variety of network layer protocol packet types inside IP tunnels.

10
New cards

  • Cost savings

  • Scalability

  • Compatibility with broadband technology

  • Security

Benefits of a VPN

11
New cards

Cost savings

VPNs enable organizations to use cost-effective, third-party Internet transport to connect remote offices and remote users to the main site; therefore, eliminating expensive, dedicated WAN links and modem banks.

12
New cards

Scalability

VPNs enables organizations to use the Internet infrastructure within ISPs and devices, which makes it easy to add new users

13
New cards

Compatibility with broadband technology

VPNs allow mobile workers and telecommuters to take advantage of high-speed, broadband connectivity, such as DSL and cable, to access to their organizational networks.

14
New cards

Security

VPNs can include security mechanisms that provide the highest level of security by using advanced encryption and authentication protocols that protect data from unauthorized access.

15
New cards

  • Site-to-Site VPN

  • Remote access VPN

Two types of VPNs

16
New cards

Site-to-Site VPN

is created when devices on both sides of the VPN connection are aware of the VPN configuration in advance.

17
New cards

site-to-site VPN

In a [blank], end hosts send and receive normal TCP/IP traffic through a VPN gateway

18
New cards

VPN gateway

is responsible for encapsulating and encrypting outbound traffic for all traffic from a particular site

19
New cards

site-to-site VPN

an extension of a classic WAN network.

20
New cards

site-to-site VPN

connect entire networks to each other, for example, they can connect a branch office network to a company headquarters network.

21
New cards

Remote-access VPN

is used to connect entire networks

22
New cards

Remote-access VPN

supports the needs of telecommuters, mobile users, and extranet, consumer-to-business traffic

23
New cards

Remote-access VPN

is created when VPN information is not statically set up, but instead allows for dynamically changing information, and can be enabled and disabled.

24
New cards

Remote-access VPN

support a client/server architecture, where the VPN client (remote host) gains secure access to the enterprise network via a VPN server device at the network edge.

25
New cards

IP Sec VPN

offer flexible and scalable connectivity.

26
New cards

IP Sec VPN

with an [blank], the information from a private network is securely transported over a public network.

27
New cards

IPsec VPN

This forms a virtual network instead of using a dedicated Layer 2 connection

28
New cards

  • Confidentiality (Encryption)

  • Data Integrity

  • Authentication

  • Anti-Replay Protection

Four critical functions of IP Security

29
New cards

Confidentiality (encryption)

This is the process of taking all the data that one computer is sending to another and encoding it into a form that only the other computer will be able to decode.

30
New cards

Data Integrity

IPsec has a mechanism to ensure that the encrypted portion of the packet, or the entire header and data portion of the packet, has not been changed.

31
New cards

Authentication

verify the identity of the source of the data that is sent. This is necessary to guard against a number of attacks that depend on spoofing the identity of the sender.

32
New cards

Authentication

ensures that the connection is made with the desired communication partner. The receiver can authenticate the source of the packet by certifying the source of the information.

33
New cards

Anti-Replay Protection

this is the ability to detect and reject replayed packets and helps prevent spoofing

34
New cards

Anti-Replay Protection

verifies that each packet is unique and not duplicated.