
1 This courseware is copyrighted © 2016 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to accompany the courseware may be copied, photocopied, reproduced, or re-used in any form or by any means without permission in writing from a director of gtslearning International Limited. Violation of these laws will lead to prosecution. All trademarks, service marks, products, or services are trademarks or registered trademarks of their respective holders and are acknowledged by the publisher. All gtslearning products are supplied on the basis of a single copy of a course per student. Additional resources that may be made available from gtslearning may only be used in conjunction with courses sold by gtslearning. No material changes to these resources are permitted without express written permission by a director of gtslearning. These resources may not be used in conjunction with content from any other supplier. If you suspect that this course has been copied or distributed illegally, please telephone or email gtslearning.
5.2 Remote Access Services
CompTIA Server+ Certification (Exam SK0-004)

2 Objectives
Understand the use of encryption and hashing technologies and PKI
Identify the use of protocols to configure a remote access server or VPN

3 Digital Security
Encryption
  o Scramble a message (plaintext) in such a way (ciphertext) that it can only be unscrambled with the key
Confidentiality / privacy / integrity
  o Users cannot read the messages without the key
  o Users should be confident the message is as the sender composed it
Authentication
  o Possessing the key might demonstrate that only the holder could have composed a message

4 Symmetric Encryption
The same key is used both to encrypt and decrypt messages
Referred to as secret key or single key
Distribution of the key is difficult
Symmetric encryption is not processor intensive – suitable for encrypting and decrypting large files quickly
DES, AES, RC (Rivest Cipher), IDEA, Blowfish/Twofish, and CAST
Key size

5 Asymmetric Encryption
Uses two linked keys (a key pair) – one to encrypt and the other to decrypt
Referred to as public key cryptography
Public key is distributed to anyone
Private key is kept secret by the owner
Processor-intensive – only works well on short messages
Often used for authentication and exchanging symmetric encryption keys securely

6 Public Key Infrastructure (PKI)
Means of vouching for a subject’s identity
A Certificate Authority (CA) issues a digital certificate to a web server computer whose identity it has validated
The digital certificate contains the server’s public key and is digitally signed by the CA
Clients can use the public key to communicate with the server securely
Clients can trust that the server is genuine if they trust the CA
Clients are installed with the root certificates of CAs that they trust

7 Cryptographic Hashes
A hash creates a shorter fixed length digest from an original message
A cryptographic hash creates a one-way digest – the original message cannot be recovered from the digest
Secure Hash Algorithm (SHA-1 and SHA-2)
Message Digest (MD5)

8 Remote Access Services
Remote Access Services (RAS)
Tunneling / encapsulation

9 Virtual Private Networks
Host-to-site
Site-to-site
Host-to-host

10 Remote Access Protocols
Point-to-Point Protocol (PPP)
PPP over Ethernet (PPPoE)
Point-to-Point Tunneling Protocol (PPTP)
Layer 2 Tunneling Protocol (L2TP)
IPsec
Secure Sockets Layer (SSL) / Transport Layer Security (TLS)

11 Remote Access Servers
Dial-up
  o Configure user rights
  o Callback
  o Authentication
  o Encryption
VPN RAS

12 RADIUS and TACACS+

13 PAP and CHAP
Password Authentication Protocol (PAP)
Challenge Handshake Authentication Protocol (CHAP)
Standard authentication protocol for PPP
Three-way handshake
  o Challenge
  o Response
  o Accept
Handshake is repeated during the session to prevent replay
MS-CHAP
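
The CHAP three-way handshake from slide 13, as an added example that is not part of the courseware. It assumes the RFC 1994 calculation (response = MD5 of identifier, shared secret and challenge); the Authenticator class, the peer name and the secret are illustrative, constructed values.

```python
import hashlib
import hmac
import os

SECRET = b"constructed-shared-secret"  # constructed sample value


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """Step 2 (Response): MD5(identifier || secret || challenge), per RFC 1994."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class Authenticator:
    """Server side: issues challenges and checks responses (illustrative class)."""

    def __init__(self, secrets):
        self.secrets = secrets      # peer name -> shared secret
        self.identifier = 0
        self.challenge = None

    def new_challenge(self):
        # Step 1 (Challenge): new identifier plus an unpredictable random value.
        self.identifier = (self.identifier + 1) % 256
        self.challenge = os.urandom(16)
        return self.identifier, self.challenge

    def verify(self, name, identifier, response):
        # Step 3 (Accept or reject): recompute with the stored secret and compare.
        secret, challenge = self.secrets.get(name), self.challenge
        self.challenge = None       # each challenge may be answered only once
        if secret is None or challenge is None or identifier != self.identifier:
            return False
        expected = chap_response(identifier, secret, challenge)
        return hmac.compare_digest(expected, response)


def demo():
    auth = Authenticator({"alice": SECRET})
    ident, chal = auth.new_challenge()
    captured = chap_response(ident, SECRET, chal)   # the value sent over the link
    first = auth.verify("alice", ident, captured)
    # Re-authentication later in the session: the old response no longer matches.
    ident2, _ = auth.new_challenge()
    replayed = auth.verify("alice", ident2, captured)
    ident3, chal3 = auth.new_challenge()
    fresh = auth.verify("alice", ident3, chap_response(ident3, SECRET, chal3))
    return first, replayed, fresh


if __name__ == "__main__":
    print(demo())
```

The shared secret never crosses the link, only the digest does, and because every repeat of the handshake uses a new random challenge, a response recorded earlier is rejected.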

14 EAP / IEEE 802.1X
Extensible Authentication Protocol (EAP)
Designed to provide for interoperable security devices and software
  o Supplicant
  o Authenticator
  o Authentication Server
EAP-TLS (Transport Layer Security)
Protected EAP (PEAP)
EAP-TTLS (Tunneled Transport Layer Security)

15 Review
Understand the use of encryption and hashing technologies and PKI
Identify the use of protocols to configure a remote access server or VPN

