Fundamentals of VPN Technology and Cryptography Flashcards Preview

CCNA Security 210-260 > Fundamentals of VPN Technology and Cryptography > Flashcards

Flashcards in Fundamentals of VPN Technology and Cryptography Deck (18)
Loading flashcards...
1
Q

What algorithms in a VPN provide the confidentiality?

A

AES, 3DES

2
Q

A remote user needs to access the corporate network from a hotel room, what type of VPN is used?

A

Remote-Access VPN

3
Q

Which type of VPN technology is likely to be used in a site-to-site VPN?

A

IPSec

4
Q

What are some benefits of VPN?

A

Confidentiality, Data Integrity

5
Q

Name two symmetrical encryption ciphers?

A

AES, 3DES

6
Q

What is the primary difference between a hash and Hashed Message Authentication Code (HMAC)?

A

Keys

7
Q

What is used to encrypt the hash in a digital signature?

A

Sender’s private key

8
Q

What are some valid options to protect data in motion with or without a full VPN?

A

TLS, SSL, HTTPS, IPSec

9
Q

Why is the public key in a typical public-private key pair referred to as public?

A

Because it’s shared publicly

10
Q

What is the key component used to create a digital signature?

A

Private key

11
Q

What is the key component used to verify a digital signature?

A

Sender’s public key

12
Q

What is another name for a hash that has been encrypted with a private key?

A

Digital signature

13
Q

What are the primary responsibilities of a certificate authority?

A

Issuing identity certificates, Tracking identity certificates

14
Q

Name some ways a client can check to see whether a certificate has been revoked?

A

CRL, OSCP, LDAP

15
Q

Name four items found in a typical identity certificate?

A

CRL locations, Validity date, Public key of owner, serial number

16
Q

Which standard format is used to request a digital certificate from a CA?

A

PKCS#10

17
Q

When obtaining the initial root certificate, what method should be used for validation of the certificate?

A

Telephone

18
Q

Which method, when supported by both the client and the CA, is the simplest to use when implementing identity certificates on the client?

A

SCEP