Exam Highlights




Before taking the exam, review the key topics and terms that are presented in this chapter. You need to know this information.

Key Topics

  • Be able to explain how IPSec determines what traffic to act on, and be able to describe the process IPSec uses when negotiating encryption and authentication protocols.

  • List IPSec’s various functional modes and the situations in which each mode should be used.

  • List the various authentication methods IPSec can use and the situations in which each should be chosen.

  • Be able to configure IP security policies on a local computer.

  • Understand what planning needs to be done before deploying IPSec to an enterprise, including integrating IPSec management with Active Directory and testing existing applications.

Key Terms

IP filter list: A series of IP filters that IP security policies use to identify traffic that should be ignored or acted upon.

filter action: Configuration settings that specify the behavior that an IP security policy takes on filtered traffic.

Quick Mode: Phase 2 of the IPSec negotiation process. Quick Mode negotiation occurs after Main Mode negotiation to establish a session key to be used for encryption until the next Quick Mode negotiation is scheduled to occur.

Main Mode: Phase 1 of the IPSec negotiation process. Main Mode negotiation selects a protection suite that both the client and server support, authenticates the computers, and then establishes the master key for the IPSec session.

Transport Mode: An IPSec mode wherein only a portion of the packet, including the Transport and Application layer data, is encapsulated by IPSec. Used to provide IPSec protection for communications between two hosts.

Tunnel Mode: An IPSec mode wherein IPSec encapsulates entire packets. Used to provide IPSec protection for communications to a network with multiple hosts.

Authentication Header (AH): An IPSec protocol that provides authentication and data integrity but does not provide encryption.

Encapsulating Security Payload (ESP): An IPSec protocol that provides authentication, data integrity, and encryption.



MCSA/MCSE Self-Paced Training Kit (Exam 70-299): Implementing and Administering Security in a Microsoft® Windows Server™ 2003 Network (Pro-Certification)
ISBN: 073562061X
EAN: 2147483647
Year: 2004
Pages: 217
