cna 121 chapter14
IPsec
Internet Protocol Security (IPsec) is a network protocol suite that authenticates and encrypts the packets of data sent over a network. IPsec includes protocols for establishing mutual authentication between agents at the beginning of the session and negotiation of cryptographic keys for use during the session. IPsec can protect data flows between a pair of hosts (host-to-host), between a pair of security gateways (network-to-network), or between a security gateway and a host (network-to-host).[1] Internet Protocol security (IPsec) uses cryptographic security services to protect communications over Internet Protocol (IP) networks. IPsec supports network-level peer authentication, data-origin authentication, data integrity, data confidentiality (encryption), and replay protection.
Remote Desktop Services (RDS) on RDP port 3389
Remote Desktop Services, known as Terminal Services in Windows Server 2008 and earlier, is one of the components of Microsoft Windows that allows a user to take control of a remote computer or virtual machine over a network connection. It uses RDP on port 3389.
true
Automatic configuration for Work Folders is based on the email address of the user. True or False?
TRUE
EAP is a framework for implementing authentication protocols rather than an authentication protocol. True or False?
c. If the client can connect to the network location server then it is internal
How does a DirectAccess client determine whether it is on the internal network or external network?
False
PPTP is the preferred VPN protocol. True or False?
false
Remote Desktop in Windows 10 allows multiple users to connect to one computer at the same time. True or False?
true
Selecting a VPN type of Automatic is suitable for most VPN deployments. True or False?
Protected EAP
Which VPN authentication protocol uses SSL?
/public
Which option for mstsc.exe prevents connection information from being cached on the local computer?
Connection Manager Administration Kit (CMAK)
A feature that can be installed on Windows clients or servers to create VPN deployment packages.
Extensible Authentication Protocol (EAP)
A framework that allows multiple authentication protocols to be integrated with the VPN sign-in process.
Internet Key Exchange v2 Tunneling Protocol (IKEv2), supports VPN Reconnect
A newer VPN protocol that uses IPsec to secure data but can authenticate by using a username and password. This protocol supports VPN Reconnect.
data synchronization
A system that synchronizes files between multiple devices. This allows data to be accessed when offline.
A virtual private network (VPN)
A virtual private network (VPN) is a network that is constructed using public wires — usually the Internet — to connect to a private network, such as a company's internal network. There are a number of systems that enable you to create networks using the Internet as the medium for transporting data.
Mstsc.exe /control
Allows someone else to control your session if that person is viewing it with you.
mstsc.exe /noConsentPrompt
Allows someone to shadow your session without prompting you for consent
Mstsc.exe /shadow
Allows you to connect to an existing session and view what another user is doing.
DirectAccess
An always-on replacement for on-demand VPN connections. All configuration is done on the server side to allow domain-joined clients to connect. Always-on connectivity allows for additional management options.
CMAK
Connection Manager Administration Kit. Applies to: Windows Server 2008 R2. Connection Manager is a client network connection tool that allows a user to connect to a remote network, such as an Internet service provider (ISP), or a corporate network protected by a virtual private network (VPN) server.
Mstsc.exe /admin
Connects to the console of a remote computer rather than an RDP session. This can be useful in some cases when you are troubleshooting and a typical RDP is not working properly.
False, data synchronization is best used for personal
Data synchronization is best used for shared data. True or False?
In computing, Internet Key Exchange (IKE, sometimes IKEv1 or IKEv2, depending on version) is the protocol used to set up a security association (SA) in the IPsec protocol suite. IKE builds upon the Oakley protocol and ISAKMP
Mstsc.exe /public
Prevents Remote Desktop Connection from saving information to the local computer. For example, credentials and the name of the remote computer are not cached for later use.
mstsc.exe /restrictedAdmin
Prevents the remote computer from accessing your credentials. The session uses the local computer account for permissions instead, which might not allow you to access network resources. This is useful when a remote system may have been compromised.
Mstsc.exe /restrictedAdmin
Prevents the remote computer from accessing your credentials. The session uses the local computer account for permissions instead, which might not allow you to access network resources. This is useful when a remote system may have been compromised.
RDC
Remote Desktop Connection (RDC, also called Remote Desktop, formerly Microsoft Terminal Services Client, mstsc or tsclient) is the client application for RDS. It allows a user to remotely log into a networked computer running the terminal services server.
Wide Area Network WAN
Remote clients connect to a remote access server through a(n) ____ link
ports to allow L2TP
To allow L2TP connectivity through a firewall, you need to allow UDP port 500, UDP port 4500, and IP protocol type 50. IP protocol type 50 is Encapsulating Security Payload (ESP), which is used by IPsec.
SSTP Secure Socket Tunneling Protocol port 443
To simplify firewall configuration and ensure the best compatibility with remote locations, many VPNs are now based on Secure Sockets Layer (SSL). An SSL VPN uses port 443. An SSTP connection is authenticated by a username and password to make it easier for users. In addition, the remote server is authenticated because the certificate used for the server must be trusted.
b. PPTP is one of the most insecure VPN protocols
What is the main disadvantage with using Point-to-Point Tunneling Protocol (PPTP)? PPTP only uses a user's name for authentication. PPTP is one of the most insecure VPN protocols. PPTP uses IPsec. PPTP uses no encryption.
required connectivity
What's the main disadvantage in remote access & remote control tech? high latency; required connectivity; high bandwidth; no encryption
FALSE
When you configure a VPN connection, the VPN must be used as the default gateway. True or False?
IPsec
When you create an L2TP VPN connection, _____ is used with L2TP to provide data encryption
c. Secure Sockets Layer (SSL), port 443
Which VPN protocol simplifies firewall configuration and ensures the best compatibility with remote locations? Internet Key Exchange v2 Tunneling Protocol (IKEv2); Layer 2 Tunneling Protocol (L2TP); Secure Sockets Layer (SSL) port 443; Point-to-Point Tunneling Protocol (PPTP)
IKEv2
Which VPN protocol supports the VPN Reconnect feature?
CMAK
Which automated method for VPN connection deployment would work best for users that are not domain joined?
a. Pre-shared key c. Certificates Kerberos
Which of the following are authentication methods that can be used by IPsec? (Choose all that apply.)
Windows 10, iOS, Android, Windows 8, Windows 7
Which of the following operating systems can use Work Folders? (Choose all that apply.)
Work Folders, OneDrive, Offline files
Which of the following technologies allows you to access files from a Windows 10 computer that is not currently connected to a network (wired or wireless)? (Choose all that apply.)
UDP port 4500, IP protocol type 50 (ESP)
Which port numbers and packet types are relevant for allowing L2TP/IPsec through a firewall?
TCP port 443
Which port numbers and packet types are relevant for allowing SSTP through a firewall?
direct access
Which remote connectivity type automatically connects clients to the main office when they are roaming?
remote assistance
Which type of remote data access is best suited to watching users remotely while they demonstrate a process that is causing an issue?
RDS Remote Desktop Services
Which type of remote data access provides the best performance for applications accessing databases?
False, there are several methods for deploying VPN connections automatically
Windows 10 can only utilize a VPN connection that was created manually. True or False?
Auto deployment /Group Policy Preferences
You can distribute VPN connections by using Group Policy Preferences. For domain-joined computers, this is the simplest way to configure VPN connections automatically. This method cannot be used for computers that are not domain joined.
Remote Desktop
You want to connect to a user desktop to review Windows 10 configuration settings when the user is not present. Which technology should you use?
Remote Access
____ consists of a dedicated computer acting as a remote access server & other computers (the mobile computers) configured to link to the server.
Kerberos
is a computer network authentication protocol that works on the basis of 'tickets' to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner.
Auto deployment / Connection Manager Administration Kit (CMAK)
is a feature that can be installed on Windows 10 or Windows Server. You use CMAK to create VPN connections that are packaged as an executable file.
Windows PowerShell for VPNs
is beyond the scope of this book. A user must be able to run scripts in PowerShell to set up When you create a VPN