One of the most ever-present and ancient uses of the Internet and networking has been to provide remote access to networks or network resources. Since the early 1980’s, different remote access protocols have existed to allow users to remotely “dial in” to a network of choice; while some of these protocols have come and gone, many of them remain widely in use even today in dial-up WAN access and business VPN networks. The Security+ examination will test you on your ability to identify the security features, benefits, and costs of several types of remote access protocols and services.
RAS, or Remote Access Service, is a rarely-used, unsecure, and outdated Microsoft offering in the area of remote access technology. You should know for the exam that RAS provides dial-up access and once was the protocol of choice for connecting to the Internet.
RAS was eventually replaced by PPP, the most common dial-up networking protocol today. PPP, or point-to-point protocol, utilizes a direct connection from a client to WAN over TCP/IP. This is advantageous for dial-up networking services as most people today wish to be able to use the Internet, which of course requires TCP/IP networking. When you think dial-up access, think PPP.
The next group of technologies is considered “secure” in that the technologies set up an encrypted, sometimes “tunneled,” and difficult-to-intercept connection. These are the technologies typically employed in VPN (Virtual Private Network) applications and corporate remote networks.
Point-to-point tunneling protocol, or PPTP, is a tunneling protocol that can encapsulate connection-oriented PPP packets (which are simple remote access packets) into connectionless IP packets. In doing so, the data remains within the “IP capsule,” which prevents sniffing and other outside manipulation. PPTP is a client-server system that requires a PPTP client, a PPTP server, and a special network access server to provide normal PPP service. PPTP is commonly used to set up “Virtual Private Networks,” which are like LAN’s that are spread across the Internet so that multiple remote clients can connect to one logical network.
Once the entire system is restored in its earlier configuration, then it is essential to turn down to the every single step and procedures applied for the entire response process, and keep a record of that. This record acts as a lesson for one, may be that is the Team leader or a general staff.
Like PPTP, L2TP (Layer 2 Tunneling Protocol) utilizes a tunneling protocol, but unlike PPTP, L2TP utilizes IPSec (IP Security) to encrypt data all the way from the client to the server. Because of this, L2TP data is difficult to intercept. L2TP can accommodate protocols other than IP to send datagrams and is therefore more versatile; it is also common in VPN applications
SSL, or Secure Sockets Layer, is a technology employed to allow for transport-layer security via public-key encryption. What you should know about this for the exam is that SSL is typically employed over HTTP, FTP, and other Application-layer protocols to provide security. HTTPS (HTTP over SSL) is particularly used by web merchants, credit card validation companies, and banks to ensure data security.
Kerberos is a *Nix (Unix-like) technology that is also being implemented in Microsoft technology to allow for client-server authentication over a network based on a shared key system. Kerberos is a public-key encryption technology and therefore is considered quite modern.
Source by wikipedia
To Become Cretified For CompTIA Security+ Please Visit This Link ;