IPSec

[Anil Kumar K]

Which one of the following attacks is MOST effective against an Internet Protocol Security(IPSEC) based virtual private network (VPN)?

a. Man-in-the-middle

b. Replay

c. Brute force

d. Traffic analysis

Get Outlook for iOS

[Uday Kiran]

This one I like and tricky, I wanted to know the answer to this.

As far as I know, it is either Brute Force OR Man In the Middle, all cases MITM won't work; it should be BruteForce, C 

Regards,

Uday Kiran

--
===========================================================
Another resource brought to you by CCCure for our Learners
 
Having any issues, contact us at: sup...@cccure.com
 
Visit our NEW quiz at: https://cccure.education/
 
Visit our learning portal at: https://cccure.training
 
Visit the CCCure web store at: https://www.cccure.com
===========================================================
---
You received this message because you are subscribed to the Google Groups "CISSP Study Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cissptalks+...@googlegroups.com.
To post to this group, send email to cissp...@googlegroups.com.
Visit this group at https://groups.google.com/group/cissptalks.
To view this discussion on the web visit https://groups.google.com/d/msgid/cissptalks/CY4PR03MB2421E0DD1543F302E8913BF3AB1E0%40CY4PR03MB2421.namprd03.prod.outlook.com.
For more options, visit https://groups.google.com/d/optout.

--

Regards,
Uday Kiran

[Venky T]

I guess it's A. MITM

--

[mohdilyasali]

 

Answer: B Active attacks find identities by being a man-in-the-middle or by replacing the responder in the negotiation. The attacker proceeds through the key negotiation with the attackee until the attackee has revealed its identity. In a well-designed system, the negotiation will fail after the attackee has revealed its identity because the attacker cannot spoof the identity of the originally-intended system. The attackee might then suspect that there was an attack because the other side failed before it gave its identity. Therefore, an active attack cannot be persistent because it would prevent all legitimate access to the desired IPsec system. Not C: Traffic analysis is a good attack but not the most effective as it is passive in nature, while Man in the middle is active.

To view this discussion on the web visit https://groups.google.com/d/msgid/cissptalks/CAHHe5JtFbtx-Pjm0%3DkT%3D%3D5HyD5O4c2Sg008QYTJFhz52cHfttQ%40mail.gmail.com.

[Anil Kumar K]

IPSec is protected by reply attacks.

Get Outlook for iOS

---

From: cissp...@googlegroups.com <cissp...@googlegroups.com> on behalf of mohdilyasali <mohdil...@gmail.com>
Sent: Monday, September 17, 2018 12:14:12 PM
To: cissp...@googlegroups.com
Subject: RE: [CCCure_CISSP_Talks] IPSec

 

To view this discussion on the web visit https://groups.google.com/d/msgid/cissptalks/00fe01d44e51%24d927aac0%248b770040%24%40gmail.com.

[Venky T]

Couldn't understand your feedback - IPSEC is "protected" by replay attacks ?

Can you pls explain with answer explanation provided for that question as well ?

-- V.T.

To view this discussion on the web visit https://groups.google.com/d/msgid/cissptalks/CY4PR03MB24212D3DEC1FDE74543CDE03AB1E0%40CY4PR03MB2421.namprd03.prod.outlook.com.