Network Security Paper

Discussion Questions

„X When is IPSec appropriate? When is SSL / TLS appropriate?

o IPSec is used to create secure VPN connections across the Internet for remote access and branch office connectivity. IPSec is a general technology for securing IP traffic; it is designed to work in two different models: transport mode and tunnel mode.

o SSL / TLS is designed for client application-to-server application authentication and encryption. Therefore, the general purpose of use is whenever authentication and data protection are necessary.

„X At what layer does IPSec function in?

o IPSec works at the IP layer of the Transmission Control Protocol / Internet Protocol (TCP/IP) stack; it works on the Network layer of the OSI model.

„X What are two important VPN protocols for remote access VPN connections?

o Point-to-Point Tunneling Protocol (PPTP)

o Layer Two Tunneling Protocol (L2TP) with Internet Protocol Security

„X Why do organizations want to move to a single sign-on environment?

o The objective of a single sign-on environment is to require the user to authenticate once. It ultimately delivers ease of use among users. Single sign-on environments increases the usage of a system, increase returns on technical investments, and reduces cost for maintaining multiple passwords and usersÐŽ¦ names.

Short Answers Explanation to Explain the Difference

„X Historical and statistical logging

o Historical logging is a complete recording of all data passing through a device.

o Statistical logging is statistics that are kept on each data port.

„X File security and firewalls

o File Security is a translation of an encrypted file in which you must have access.

o Firewall is a system designed to prevent unauthorized access to or from a private network.

„X Secret and public keys

o Secret key is known only to the recipient of the message.

o Public key is known to everyone.

„X Symmetric and asymmetric keys

o Symmetric (same key to encrypt and decrypt)

o Asymmetric (public key to encrypt, private key to decrypt)

„X Digital certificate and digital postmark

o Digital certificate is an attachment to an electronic message used for security purposes.

o Digital postmark is a network security mechanism to identify which region a packet or set of packets comes from.

„X Plaintext & ciphertext

o Plaintext is information used to input to an encryption algorithm.

o Ciphertext is encrypted text.

„X Decipher & encipher

o Decipher ÐŽV Convert code into ordinary language.

o Encipher is to convert plain text into an unintelligible form by means of a cipher.

„X IPSec VPNs & SSL VPNs

o IPSec ÐŽV Internet Protocol Security

o SSL ÐŽV Secure Sockets Layer

Short Answers Explanation to Define

„X RSA cryptographic algorithm

o RSA is a public key

...