12 Cards in this Set
- Front
- Back
|
What Is IPsec?
|
IPsec is essentially a way to provide security for data sent between two computers on an IP network.
|
|
IPsec protects data between two IP addresses by providing the following services:
|
Data authentication
Data origin authentication
Data integrity
Anti-replay protection
Encryption |
|
Does every IPsec Policy rule have an IP filter list?
|
Yes, even if the list has only one IP filter.
|
|
In terms of its function within an IPsec Policy, what does a filter action do?
|
A filter action determines whether the traffic captured by an IP filter in a given policy rule is permitted, blocked, encrypted, or authenticated. |
|
Authentication Header (AH)
|
AH provides data origin authentication, data integrity, and anti-replay protection for the entire IP packet.
|
|
Encapsulating Security Payload (ESP)
|
ESP provides data encryption, data origin authentication, data integrity, and anti-replay protection for the ESP payload.
|
|
IKE performs a two-phase negotiation
|
Phase 1 negotiation is known as main mode negotiation, and Phase 2 is known as quick mode negotiation.
|
|
Tunnel mode
|
With tunnel mode, an entire IP packet is protected and then encapsulated with an additional, unprotected IP header.
|
|
Authentication Methods for IPsec
|
Kerberos (Active Directory)
Certificates
Preshared key |
|
Assigning a Predefined IPsec Policy
|
Client (Respond Only)
Server (Request Security)
Secure Server (Require Security) |
|
Isolation rule
|
This is a general rule used to authenticate all traffic for select network profiles (network location types).
|
|
Authentication Exemption rule
|
You can use this rule type to exempt specific computers or a group or range of IP addresses (computers) from being required to authenticate themselves, regardless of other Connection Security Rules.
|