Guide to Network Defense and Countermeasures, 2nd Edition, ISBN: 1418836796 Chapter 6, Page 224 Prof. Michael P. Harris ITSY 2430 Intrusion Detection Name: __________________ Chapter Review Questions, Chapter Quiz 06 Date: ________ VPN Implementation 1. Under what circumstances does a firewall need to be installed at the endpoint of a VPN connection, and why? 2. A VPN domain is a group of computers ______. 3. In what type of VPN configuration must a router belong to the VPN domain? 4. Which of the following is an advantage of using a mesh VPN configuration? 5. Which of the following is an advantage of using a star VPN configuration? 6. Briefly describe split tunneling. 7. What client-side issues do you need to consider when designing your VPN? (Choose all that apply.) 8. To set up a VPN, new hardware or software must always be purchased. True or False? 9. Determining whether the network gateway is included in the VPN domain depends on whether your network has a ____________ VPN configuration. Page 1 of 2 Guide to Network Defense and Countermeasures, 2nd Edition, ISBN: 1418836796 Chapter 6, Page 224 Prof. Michael P. Harris 10. In a multiple entry point configuration, you should exclude the ________from the domain. 11. Which of the following terms describes multiple routes in routing tables that could cause some traffic to be routed incorrectly? 12. In a mesh topology, all participants in the VPN have _____________ with one another. 13. What is a main disadvantage of mesh VPNs? 14. What is a main disadvantage of star VPN topologies? (Choose all that apply.) 15. Putting a VPN on the firewall has which of the following disadvantages? (Choose all that apply.) 16. A VPN server configured to receive PPTP traffic listens for incoming connections on port___________ and needs to receive GRE traffic identified by protocol ID ________. 17. Which protocols and ports do you need to allow to pass when using L2TP and IPSec? (Choose all that apply.) 18. _________ might be the only option when NAT traffic must pass through a firewall. 19. There’s no need to set up packet-filtering rules on the perimeter firewall for VPN traffic. True or False? 20. AH uses protocol ID _______. Page 2 of 2