1. What does IPSec stand for?
Internet Protocol Security.
2. What is IPSec?
An extension to the IP that provides security to IP in the network layer. IPSec is a collection of protocols designed by the Internet Engineering Task Force (IETF) to provide security at the network level.
4. What does IPSec help to create?
Authenticated and confidential packets for the IP layer.
5. What are the two modes that IPSec operates in?
Transport mode and tunnel mode.
6. What does IPSec protect in transport mode?
Only the information coming from the transport layer, not the IP header.
7. How does the sending host use IPSec in transport mode?
To authenticate and/or encrypt the payload delivered from the transport layer.
8. How does the receiving host use IPSec in transport mode?
To check the authentication and/or decrypt the IP packet and deliver it to the transport layer.
9. What is added to the transport layer information in transport mode?
The IPSec header and trailer.
10. When is the IP header added in transport mode?
Later, after the security measures are applied.
11. What does IPSec protect in tunnel mode?
The entire IP packet.
12. How does IPSec work in tunnel mode?
It takes an IP packet, including the header, applies IPSec security methods to the entire packet, and then adds a new IP header.
13. How does the new IP header compare to the original in tunnel mode?
It has different information.
14. Where is the tunnel mode normally used?
Between two routers, between a host and a router, or between a router and a host.
15. Where does the IPSec layer sit in transport mode?
Between the transport layer and the network layer.
16. Where does the IPSec layer sit in tunnel mode?
Between the network layer and a new network layer.
17. What two protocols does IPSec define?
Authentication Header (AH) Protocol and Encapsulating Security Payload (ESP) Protocol.
18. What do the Authentication Header (AH) and Encapsulating Security Payload (ESP) Protocols provide?
Authentication and/or encryption for packets at the IP level.
19. Why was the Authentication Header (AH) Protocol designed?
To authenticate the source host and to ensure the integrity of the payload carried in the IP packet.
21. How does the AH protocol create a message digest?
Using a hash function and a symmetric key.
22. What does the AH protocol provide?
Source authentication and data integrity, but not privacy.
23. What is the value in the protocol field of the IP header when an IP datagram carries an AH header?
51.
24. What are the steps to using the authentication header?
Add an authentication header, use padding, apply a hash, insert data in the header, change IP protocol field value to 51.
25. What does the "next header" field in the AH define?
An 8-bit field that defines the type of payload carried by the IP datagram.
26. What does the "payload length" field in the AH define?
The length of the authentication header in 4-byte multiples, excluding the first 8 bytes.
27. What is the role of the security parameter index (SPI) field in the AH?
It acts as a virtual-circuit identifier.
28. What is the purpose of the sequence number in the AH?
It provides ordering information and prevents replay attacks.
29. What is in the authentication data field of AH?
The result of applying a hash function to the entire IP datagram except for the fields that are changed during transit.
30. What does the Encapsulating Security Payload (ESP) protocol provide?
Source authentication, integrity, and privacy.
31. What does ESP add to a packet?
A header and a trailer.
32. Where is ESP's authentication data added?
At the end of the packet.
33. What is the value of the protocol field in the IP header when an IP datagram carries an ESP header and trailer?
50.
34. What is added first in the ESP procedure?
An ESP trailer is added to the payload.
35. What are the next steps for using the ESP protocol?
Payload and trailer are encrypted, ESP header is added, authentication data is calculated and added to the end of the ESP trailer, and the IP header is added with the protocol value changed to 50.
36. How is the "security parameter index" defined in the ESP header?
Similar to that defined for the AH protocol.
37. How is the "sequence number" field defined in the ESP header?
Similar to that defined for the AH protocol.
38. What is the "padding" field in the ESP trailer?
A variable-length field of 0s (0 to 255 bytes).
39. What does the "pad length" field in the ESP trailer define?
The number of padding bytes (0-255).
40. What is the "next header" field in the ESP trailer?
Similar to that defined for the AH protocol.
41. How is the "Authentication data" different between AH and ESP?
In AH, part of the IP header is included in the calculation of the authentication data; ESP does not include the IP header.
42. What is the Access Control service provided by IPSec?
If a packet arrives at a destination and no security association is established for that packet, the packet is discarded.
43. How is message integrity provided in IPSec?
A digest of data is created and sent by the sender to be checked by the receiver (in both AH and ESP).
44. How is entity authentication (data source authentication) provided in IPSec?
Through the Security Association and the keyed-hash digest of the data (in both AH and ESP).
45. What provides confidentiality in IPSec?
The encryption of the message in ESP. AH does not provide confidentiality.
46. How is replay attack protection provided in IPSec?
By using sequence numbers and a sliding receiver window in both protocols.
47. What is a Virtual Private Network (VPN)?
A technology that creates a secure tunnel across a public network, allowing secure communication between users and offices without high costs.
48. What does a VPN provide in addition to security?
A mechanism for organizations to connect users and offices together, without the high costs of dedicated leased lines.
49. Why is a VPN considered "virtual" and not physical?
Because it does not use real private WANs, the network is physically public, but the service is virtually private.
50. What does VPN technology use to provide authentication, integrity, and privacy?
It uses the ESP protocol of IPSec in the tunnel mode.
51. What is the most common use of IPSec implementations?
Providing Virtual Private Networking (VPN) services.
52. What does a VPN provide as a communications mechanism?
A secure one for data and IP information transmitted between networks.
53. What are two purposes of VPNs?
Client VPNs to connect users to an office and Site-to-Site VPNs to connect remote offices to a main office.
54. What is a Gateway-to-Gateway VPN architecture?
A VPN that is used to connect sites together.
55. What is a Host-to-Gateway VPN architecture?
A VPN that is used to connect a host to a site.
56. What is a Host-to-Host VPN architecture?
A VPN that is used to connect a host to another host directly.
57. How do Routers R1 and R2 use VPN technology?
They use VPN to guarantee privacy for the organization using their addresses in new datagrams.