2 cissp ® Official Study Guide Eighth Edition



Download 19,3 Mb.
Pdf ko'rish
bet503/881
Sana08.04.2023
Hajmi19,3 Mb.
#925879
1   ...   499   500   501   502   503   504   505   506   ...   881
Bog'liq
(CISSP) Mike Chapple, James Michael Stewart, Darril Gibson - CISSP Official Study Guide-Sybex (2018)

Dial-Up Protocols
When a remote connection link is established, a protocol must be used to govern how the 
link is actually created and to establish a common communication foundation over which 
other protocols can work. It is important to select protocols that support security when-
ever possible. At a minimum, a means to secure authentication is needed, but adding the 
option for data encryption is also preferred. The two primary examples of dial-up proto-
cols, PPP and SLIP, provide link governance, not only for true dial-up links but also for 
some VPN links:
Point-to-Point Protocol (PPP)

This is a full-duplex protocol used for transmitting TCP/IP 


packets over various non-LAN connections, such as modems, ISDN, VPNs, Frame Relay, 
and so on. PPP is widely supported and is the transport protocol of choice for dial-up
internet connections. PPP authentication is protected through the use of various protocols, 
such as CHAP and PAP. PPP is a replacement for SLIP and can support any LAN protocol, 
not just TCP/IP.
Serial Line Internet Protocol (SLIP)

This is an older technology developed to support 


TCP/IP communications over asynchronous serial connections, such as serial cables or 

540
Chapter 12 

Secure Communications and Network Attacks
modem dial-up. SLIP is rarely used but is still supported on many systems. It can support 
only IP, requires static IP addresses, offers no error detection or correction, and does not 
support compression.
Centralized Remote Authentication Services
As remote access becomes a key element in an organization’s business functions, it is 
often important to add layers of security between remote clients and the private network. 
Centralized remote authentication services, such as RADIUS and TACACS+, provide 
this extra layer of protection. These mechanisms provide a separation of the authenti-
cation and authorization processes for remote clients that performed for LAN or local 
clients. The separation is important for security because if the RADIUS or TACACS+ 
servers are ever compromised, then only remote connectivity is affected, not the rest of 
the network.

Download 19,3 Mb.

Do'stlaringiz bilan baham:
1   ...   499   500   501   502   503   504   505   506   ...   881



Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©hozir.org 2024
ma'muriyatiga murojaat qiling
kiriting | ro'yxatdan o'tish
    Bosh sahifa
юртда тантана
Боғда битган
Бугун юртда
Эшитганлар жилманглар
Эшитмадим деманглар
битган бодомлар
Yangiariq tumani
qitish marakazi
Raqamli texnologiyalar
ilishida muhokamadan
tasdiqqa tavsiya
tavsiya etilgan
iqtisodiyot kafedrasi
steiermarkischen landesregierung
asarlaringizni yuboring
o'zingizning asarlaringizni
Iltimos faqat
faqat o'zingizning
steierm rkischen
landesregierung fachabteilung
rkischen landesregierung
hamshira loyihasi
loyihasi mavsum
faolyatining oqibatlari
asosiy adabiyotlar
fakulteti ahborot
ahborot havfsizligi
havfsizligi kafedrasi
fanidan bo’yicha
fakulteti iqtisodiyot
boshqaruv fakulteti
chiqarishda boshqaruv
ishlab chiqarishda
iqtisodiyot fakultet
multiservis tarmoqlari
fanidan asosiy
Uzbek fanidan
mavzulari potok
asosidagi multiservis
'aliyyil a'ziym
billahil 'aliyyil
illaa billahil
quvvata illaa
falah' deganida
Kompyuter savodxonligi
bo’yicha mustaqil
'alal falah'
Hayya 'alal
'alas soloh
Hayya 'alas
mavsum boyicha

yuklab olish