Before taking the exam, review the key topics and terms that are presented in this chapter. You need to know this information.
Understand the advantages and disadvantages of dial-up and VPN access.
Be able to list the various authentication methods, the operating systems that support each, and their advantages and disadvantages.
Be able to describe scenarios in which you would choose to use either PPTP or L2TP/IPSec VPN protocols.
Know the factors that determine whether a user is authorized to establish a dial-up or VPN connection.
Know how to configure both remote access clients and remote access servers, and know how to use the CMAK.
Challenge Handshake Authentication Protocol (CHAP) A challenge-response authentication protocol for PPP connections, documented in RFC 1994, that uses the industry-standard MD5 one-way encryption scheme to hash the response to a challenge issued by the remote access server.
Extensible Authentication Protocol (EAP) An authentication method primarily used to provide authentication based on smart cards or public key certificates. EAP is supported by Windows Server 2003, Windows XP, and Windows 2000.
Layer Two Tunneling Protocol (L2TP) A standardized RFC-based tunneling VPN protocol. L2TP relies on IPSec for encryption services.
Microsoft Challenge Handshake Authentication Protocol (MS-CHAP) An encrypted authentication mechanism for PPP connections. MS-CHAP is similar to CHAP. The remote access server sends to the remote access client a challenge that consists of a session ID and an arbitrary challenge string. The remote access client must return the user name and a Message Digest 4 (MD4) hash of the challenge string, the session ID, and the MD4-hashed password. MS-CHAP v2 improves on MS-CHAP v1 by offering mutual authentication for both the client and the server.
Password Authentication Protocol (PAP) A simple plaintext authentication scheme for authenticating PPP connections. The user name and password are requested by the remote access server and returned by the remote access client in plaintext.
Point-to-Point Protocol (PPP) An industry-standard suite of protocols for the use of point-to-point links to transport multiprotocol datagrams. PPP is primarily used to connect dial-up users to a remote access server. PPP is documented in RFC 1661.
Point-to-Point Tunneling Protocol (PPTP) A VPN protocol designed by Microsoft and based on PPP. PPTP relies on MPPE for encryption services.
Shiva Password Authentication Protocol (SPAP) A two-way, reversible encryption mechanism for authenticating PPP connections employed by Shiva remote access servers.