Acronyms of the CCNA Security Part 5 — VPN Terms

This article is part 5 and the final installment of a series that describes the acronyms likely to be found in a student’s CCNA Security studies. This article addresses the acronyms that are relevant to Virtual Private Networks.

3DES (3 Data Encryption Standard)–pronounced “Triple-Dez”, a symmetric block cipher encryption standard also known as Triple Data Encryption Algorithm that is based on the earlier standard known simply as DES

AH (Authentication Header)–cryptography protocol that provides integrity and origin authentication

AES (Advanced Encryption Standard)–encryption standard for symmetric encryption that is considered a successor to 3DES and based on configurable key lengths of 128, 192 and 256 bits

CA (Certificate Authority)–in a PKI architecture, the entity that signs a key or code in the form of a digital certificate

D-H (Diffie-Hellman)–a key establishment or key agreement protocol that allows two devices (or users) to negotiate a secret key over an insecure medium without any prior keys

DTLS (Datagram Transport Layer Security)–a method for providing an encrypted tunnel similar to SSL but utilizing UDP as a transport layer

HMAC (Hash Message Authentication Codes)–process used with MD5 or SHA to provide integrity checking and authentication of a message

IKE (Internet Key Exchange)–part of the IPSec framework, a group of algorithms that are used together to negotiate security associations

IPSec (Internet Protocol Security)–suite or framework of protocols that are used together to create an encrypted and authenticated tunnel between two endpoints for transmission of sensitive data over a public network

MD5 (Message Digest 5)–hash algorithm that produces a 128-bit value. Used alongside HMAC in IPSec in order to provide integrity checking and authentication of a message

PKI (Public Key Infrastructure)–an infrastructure based on public/private key pairs that establishes a chain of trust utilizing certificate authorities

PSK (Pre-shared Key)–a common password that is agreed upon between two peers for purposes of authentication

SHA (Secure Hash Algorithm)–hash algorithm that produces a 160-bit value. Used alongside HMAC in IPSec in order to provide integrity checking and authentication of a message. Also available in variants that produce longer hash values

SSL (Secure Sockets Layer)–protocol that utilizes PKI to provide secure communications between endpoints. Commonly used with http in the form of https

TLS (Transport Layer Security)–successor to SSL providing secure communications between endpoints. Also commonly used with http in the form of https

VPN (Virtual Private Network)–a technique that provides a secure and encrypted connection for sensitive data over a private network

If you enjoyed this article, I believe you may also enjoy the following book.
CCNA Security 640-554 Official Cert Guide

About Paul Stewart, CCIE 26009 (Security)

Paul is a Network and Security Engineer, Trainer and Blogger who enjoys understanding how things really work. With over 15 years of experience in the technology industry, Paul has helped many organizations build, maintain and secure their networks and systems.