2 cissp ® Official Study Guide Eighth Edition


Remote Authentication Dial-In User Service (RADIUS)



Download 19,3 Mb.
Pdf ko'rish
bet504/881
Sana08.04.2023
Hajmi19,3 Mb.
#925879
1   ...   500   501   502   503   504   505   506   507   ...   881
Bog'liq
(CISSP) Mike Chapple, James Michael Stewart, Darril Gibson - CISSP Official Study Guide-Sybex (2018)

Remote Authentication Dial-In User Service (RADIUS)

This is used to centralize the 


authentication of remote dial-up connections. A network that employs a RADIUS server
is configured so the remote access server passes dial-up user logon credentials to the 
RADIUS server for authentication. This process is similar to the process used by domain 
clients sending logon credentials to a domain controller for authentication. RADIUS 
operates over several ports; you should recognize the original UDP 1812 port as well
as that used by RADIUS over TLS, which is TCP 2083. The TCP version of RADIUS
was designed in 2012 to take advantage of TLS encryption (see RFC 6614 at
https://tools.ietf.org/html/rfc6614
).
Terminal Access Controller Access-Control System (TACACS+)

This is an alternative 


to RADIUS. TACACS is available in three versions: original TACACS, Extended TACACS 
(XTACACS), and TACACS+. TACACS integrates the authentication and authorization 
processes. XTACACS keeps the authentication, authorization, and accounting processes 
separate. TACACS+ improves XTACACS by adding two-factor authentication. TACACS+ 
is the most current and relevant version of this product line. The primary port for 
TACACS+ is TCP 49.
Virtual Private Network

virtual private network (VPN)
is a communication tunnel that provides point-to-point 
transmission of both authentication and data traffic over an intermediary untrusted network. 
Most VPNs use encryption to protect the encapsulated traffic, but encryption is not necessary 
for the connection to be considered a VPN.
VPNs are most commonly associated with establishing secure communication paths 
through the internet between two distant networks. However, they can exist anywhere, 

Virtual Private Network 
541
including within private networks or between end-user systems connected to an ISP. The 
VPN can link two networks or two individual systems. They can link clients, servers,
routers, firewalls, and switches. VPNs are also helpful in providing security for legacy 
applications that rely on risky or vulnerable communication protocols or methodologies, 
especially when communication is across a network.
VPNs can provide confidentiality and integrity over insecure or untrusted intermediary 
networks. They do not provide or guarantee availability. VPNs also are in relatively wide-
spread use to get around location requirements for services like Netflix and Hulu and thus 
provide a (at times questionable) level of anonymity.

Download 19,3 Mb.

Do'stlaringiz bilan baham:
1   ...   500   501   502   503   504   505   506   507   ...   881



Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©hozir.org 2024
ma'muriyatiga murojaat qiling
kiriting | ro'yxatdan o'tish
    Bosh sahifa
юртда тантана
Боғда битган
Бугун юртда
Эшитганлар жилманглар
Эшитмадим деманглар
битган бодомлар
Yangiariq tumani
qitish marakazi
Raqamli texnologiyalar
ilishida muhokamadan
tasdiqqa tavsiya
tavsiya etilgan
iqtisodiyot kafedrasi
steiermarkischen landesregierung
asarlaringizni yuboring
o'zingizning asarlaringizni
Iltimos faqat
faqat o'zingizning
steierm rkischen
landesregierung fachabteilung
rkischen landesregierung
hamshira loyihasi
loyihasi mavsum
faolyatining oqibatlari
asosiy adabiyotlar
fakulteti ahborot
ahborot havfsizligi
havfsizligi kafedrasi
fanidan bo’yicha
fakulteti iqtisodiyot
boshqaruv fakulteti
chiqarishda boshqaruv
ishlab chiqarishda
iqtisodiyot fakultet
multiservis tarmoqlari
fanidan asosiy
Uzbek fanidan
mavzulari potok
asosidagi multiservis
'aliyyil a'ziym
billahil 'aliyyil
illaa billahil
quvvata illaa
falah' deganida
Kompyuter savodxonligi
bo’yicha mustaqil
'alal falah'
Hayya 'alal
'alas soloh
Hayya 'alas
mavsum boyicha

yuklab olish