Join the 40,000+ candidates in over 58 countries that have found a faster, better way to pass their certification exam.
Comprehensive practice exam engine!
All features in the FREE plan, plus:
Welcome to our virtual private networks and virtual LAN module. Virtual private networks can be used to create a trusted communication channel between two sites through a network that is otherwise not trusted such as the Internet. This is much less expensive, and more flexible, than creating a dedicated link.
VPN is often configured on routers in corporate environments. And you can set up router to router VPNs to do bulk encryption at the perimeter of your sites. You can use cryptographic cards and add them to routers in order to encrypt data, and you can create LAN to LAN or site to site IP sec tunnels between your routers.
This allows you to secure communications between two offices so that individuals on the internet are not able to view your traffic that you're transmitting. You can also use SSL or TLS to create a browser-based remote access VPN for your employees. The employee would simply visit the website for your VPN solution from a remote location.
They would initiate a secure connection. The server would then send a certificate to the users so that the user could verify the identity of the server. Optionally the client can send back its own digital certificate, if the server requests, after verifying that the server's certificate is valid. And then the client would send the server a random master key encrypted with the server's public key.
And this will be used to create a secured session, and that encryption key will be used to secure all of the data transmitted between the client and the server over that secured channel. For the CISSP examination, you should remember that the SSL TLS browser-based VPN Is the easiest solution to implement because you do not have to install any software or configure any of the settings.
The user simply goes to a website and logs in. Virtual private networks can be used to create tunnels, or point to point encryption, to communicate between two sites over the Internet which is considered to be inherently insecure. Your telecommuter can remotely access using the Internet connection in their house.
You can provide strong authentication with either Microsoft CHAP version two or EAP or PEAP. And they would connect through their Internet service provider into your corporate environment, creating an L2TP IPsec tunnel. The communication would then be encrypted between your telecommuter and your corporate environment. Option two demonstrates how you can use site to site VPN to create secure communication between two sites in your infrastructure.
You would use an IPsec encryption device like a router or a VPN concentrator at the network perimeter of both locations. This would create an L2TP IPsec tunnel between the two locations and all the data transmitted between the two sites would be encrypted to prevent individuals that are not authorized from intercepting the communications.
The third option is a telecommuter who uses a web browser to an IP address, or a website that you've previously configured. They can then use their username and password, and perhaps a digital certificate as a second authentication factor to connect through an SSL TLS VPN which will allow them to create a secure tunnel and then access the resources in your corporate environment.
Virtual LANs or VLANs allow you to segment traffic using the IEEE 802.1Q standard. You can logically separate groups, users, and resources depending on your security requirements, rather than the user's physical location. In order to set up and use VLANs, you will need managed switches which support the IEEE 802.1Q protocol.
You can segment users for security reasons determined by your administrators. To the right here, we can see we have a sample of what this might look like. We have two VLANs, a Development VLAN, and a Payroll VLAN. The individuals operating on the Development VLAN do not have any access to the computers on the Payroll VLAN.
And the computers that are connected to the payroll VLANs are not able to access the development VLAN. Even though all of these devices are plugged into the same switches which would allow them to physically communicate with each other, the VLAN technology in the switches isolates these computers as if they were plugged into separate switches.
So they can not communicate with devices that they are not supposed to be able to access. For the CISSP examination, you should familiar with virtual LANs and their function and also remember that the IEEE 802.1Q standard is the one that provides virtual LANs. This concludes our virtual private networks and virtual LAN module.
Thank you for watching.
Classified by skill and ranked by difficulty. Choose to answer questions in STUDY MODE to review and you go.
Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.
Don’t forget what you’ve just studied! Use the intelligent reinforcement questions to stay fresh.
THANK YOU! Just bloody thank you! I’m doing the CEH minor at my college and well...I’ve learned more from this site in a few hours than I’ve learned from my school in 9 weeks about the subject. Keep up the good work!
Skillset’s Exam Engine continuously assesses your knowledge and determines when you are ready take and pass your exam. When Skillset learns that there is a gap between your knowledge and what you need to know to pass, we present you with a focused training module that gets you up to speed quickly. No fluff! Find your knowledge gaps and fill them.
Skillset is confident that we can help anyone pass their exam. If you reach 100% readiness, and you do not pass your exam, we will refund you plus pay for a replacement exam voucher. That’s how powerful our learning system is, we can offer this guarantee and stand behind our products with this no risk to you guarantee. See terms and conditions.
Don’t waste time studying concepts you have already mastered. Focus on what you need to know to pass. The Skillset Competency Diagnostic aligns our Exam Engine and Learning Plan to your baseline knowledge. This saves an average of 31% of the time required to prep for a professional certification exam.
More PRO benefits are being built all the time!