MCITP 70-642 Chapter 9 Securing Data Transmission and Authentication

27 terms by fiberghost


This is for Chapter 9 of the Wiley MOAC course 70-642

checksum

A mathematical value that is used to provide an integrity check for a packet. A checksum is the result of adding the number of bits in a block of data to be transmitted. The result of this addition is transmitted along with the data. The same calculation is performed by the computer at the receiving end, and if the results agree, it is assumed that the data has been transmitted without error.

What is data modification?

An attacker can modify a network packet that is in transit over a network and send counterfeit data, which might prevent the receiver from receiving the correct information or might allow the attacker to obtain additional, possibly secure, information.

Packet sniffer

Monitors and reads network packets as they traverse a wired or wireless network. The network interface must be in promiscuous mode to see packets not destined for that computer.

Identity spoofing

An attacker can falsify or "spoof" the identity of either the sending or receiving computer by using special programs to construct IP packets that appear to originate from valid addresses inside of a trusted network.

Man in the Middle (MITM) attack

Someone between the two communicating computers is actively monitoring, capturing, and controlling the data transparently. The attacker intercepts the communications between the two computers, modifies or captures the data, and then sends it on to its destination.

Denial of Service (DoS) attack

This attack prevents the normal use of computers or network resources.

Distributed Denial of Service (DDoS) attack

This attack prevents the normal use of computers or network resources, but the attack originates from many computers, often referred to as a botnet.

Internet Security Association and Key Management Protocol (ISAKMP)

Dynamically negotiates a mutual set of security requirements between two hosts that are attempting to communicate with each other.

IP packet filtering

A process that allows or blocks communications by specifying source and destination addresses, address ranges, protocols, or even specific TCP or UDP ports.

At which layer of the OSI model does IPSec work?

The Network layer, or layer 3. It provides automatic, transparent security for all applications residing at the higher OSI layers (4-7).

IPSec peer authentication provides what?

Verifies the identity of the peer computer before any data is sent.

Windows 2008 can use what three authentication methods for IPSec?

Pre-shared key, public key certificates, or the Kerberos protocol. Kerberos can only be used if the computers are integrated with an Active Directory domain.

Hash function

A one-way cryptographic algorithm that takes an input message of arbitrary length and produces a fixed-length digest.

How does IPSec ensure data integrity?

IPSec includes a cryptographic checksum for the packet that ensures that the information received is the same as the information that was sent.

How does IPSec ensure data confidentiality?

IPSec can encrypt a packet. If the packet is intercepted, the attacker cannot decrypt it without the correct key.

How does IPsec protect against a replay attack?

IPSec uses sequence numbers in packets sent between two IPSec peers. A replay attack is when an attacker records packets and plays them back at a later time. A replayed packet's sequence number would be out of order when it arrived at the later time, so the receiver rejects it.

What is key management in IPSec?

A secure way to exchange key information in order to derive a shared secret key, and to periodically change the keys in use.

What are the two types of modes in IPSec? Define the two terms.

Transport mode: Used when packet filtering is required and when end-to-end security is needed.

Tunnel mode: Used in site-to-site communications that cross unsecured (public) networks. Provides gateway-to-gateway protection.

Name and define the two main protocols used in IPSec.

Authentication Header (AH): provides authentication, integrity, and anti-replay for the entire packet (both the IP header and the data payload carried in the packet). It does not provide confidentiality because it does not encrypt the data. AH uses a hash algorithm to sign the packet for integrity.

Encapsulating Security Payload (ESP): provides confidentiality for the payload in addition to authentication and anti-replay. ESP does not sign the entire packet, just the payload (data).

AH and ESP can be used together to provide protection.

AES-256

Encryption Algorithm

Offers the strongest level of security within Windows 2008 and has the highest resource usage on the host. Compatible only with Windows Vista and Windows 2007 Server.

AES-192

Encryption Algorithm

Somewhat less secure than AES-256, medium resource usage on the host. Compatible only with Windows Vista and Windows 2007 Server.

AES-128

Encryption Algorithm

Default IPSec encryption algorithm in Windows 2008. Compatible only with Windows Vista and Windows 2007 Server.

3DES

Encryption Algorithm

Used for backward compatibility while still providing an acceptable level of encryption.

DES

Encryption Algorithm

Used for backward compatibility only; its use is not recommended.

SHA1

Integrity (Hash) Algorithm

A stronger choice than MD5, but with a higher resource usage level on the host.

MD5

Integrity (Hash) Algorithm

Used for backwards compatibility only; its use is not recommended. Use SHA1 instead.

IPSec Security Association (SA)

A combination of security services, protection mechanisms, and cryptographic keys mutually agreed to by the communicating peers. The SA contains the information needed to determine how the traffic is to be secured (the security services and protection mechanisms) and with which secret keys (cryptographic keys). Two types of SAs are created when IPSec peers communicate securely: the ISAKMP SA and the IPSec SA.
