This online quiz is a series of essential questions about VPNs. Although many of the technical details of VPNs are hidden from the casual user, several aspects of the technology directly affect the “user experience,” and it is important to understand these.
Students, networking professionals, corporate employees, and anyone else interested in the basic technology of computer networks should find this a valuable study guide.
1. VPN stands for
a) Virtual Public Network
b) Virtual Protocol Network
c) Virtual Perimeter Network
d) Virtual Private Network
Answer: d) Virtual Private Network
VPN stands for “Virtual Private Network” or “Virtual Private Networking.” A VPN is a private network in the sense that it carries controlled information, protected by various security mechanisms, between known parties. VPNs are only “virtually” private, however, because this data actually travels over shared public networks instead of fully dedicated private connections.
2. What is the main benefit of VPNs compared to dedicated networks utilizing frame relay, leased lines, and traditional dial-up?
a) improved security
b) reduced cost
c) better network performance
d) less downtime on average
Answer: b) Reduced Cost
The main benefit of a VPN is the potential for significant cost savings compared to traditional leased lines or dial-up networking. These savings come with a certain amount of risk, however, particularly when using the public Internet as the delivery mechanism for VPN data. The performance of a VPN will be more unpredictable and generally slower than dedicated lines due to public Net traffic. Likewise, many more points of failure can affect a Net-based VPN than in a closed private system. Utilizing any public network for communications naturally raises new security concerns not present when using more controlled environments like point-to-point leased lines.
3. VPNs save money by
a) reducing the need for long distance telephone calls
b) reducing the need for modem pools and remote access servers
c) reducing the need for leased lines
d) all of the above
Answer: d) All of the above
VPNs may save money in several different ways. Companies that lease private lines typically pay a very high monthly fee, and a VPN can replace these lines with much less expensive, shorter connections to a local ISP. VPNs can also support remote access connectivity for travelers. Instead of configuring remote access servers and paying for the long-distance charges to reach them, an organization can rely on an ISP to support local access on both ends of the VPN connection.
4. What is the relationship between a VPN and an extranet?
a) VPNs are unrelated to extranets
b) some extranets are VPNs and all VPNs are extranets
c) some extranets are VPNs and some VPNs are extranets
d) VPNs and extranets are two terms for the same type of network
Answer: b) some extranets are VPNs and all VPNs are extranets
Many VPNs support the same main feature of an extranet — controlled access by third parties to protected network resources. Some VPNs, however, exist only to provide remote access to employees within the organization; these are technically wide-area intranets. A few VPNs also implement local-area intranets that limit or meter access to one internal LAN from other internal LANs.
5. In VPNs, the term “tunneling” refers to
a) a marketing strategy that involves selling VPN products for very low prices in return for expensive service contracts
b) an optional feature that increases network performance if it is turned on
c) the encapsulation of packets inside packets of a different protocol to create and maintain the virtual circuit
d) the method a system administrator uses to detect hackers on the network
Answer: c) the encapsulation of packets inside packets of a different protocol to create and maintain the virtual circuit
VPN tunneling transforms packets from a VPN tunneling protocol format to a different format before being transmitted over the public network. This technique, called encapsulation, is used in several network technologies besides VPN. Once encapsulated, VPN protocol packets are responsible for creating and maintaining the private connection — including set-up and tear-down details. Tunneling is the essential feature behind any VPN implementation.
6. Which of the following are VPN tunneling protocols?
d) All of the above
Answer: d) All of the above
PPTP, IPsec, and L2TP are three of today’s most popular VPN tunneling protocols. Each one of these is capable of supporting a secure VPN connection.
7. PPTP stands for
a) Place to Place Tunneling Protocol
b) Point to Point Tunneling Protocol
c) Pretty Pointless Traffic Producer
d) Private Protocol Transfer Process
Answer: b) All of the above
PPTP stands for Point to Point Tunneling Protocol. PPTP is a protocol specification developed by several companies. However, people generally associate PPTP with Microsoft because nearly all flavors of Windows include built-in support for this protocol.
8. What is the basic difference between a VPN and a firewall?
a) firewalls can be configured by an administrator but VPNs cannot be configured
b) no fundamental difference exists between firewalls and VPNs
c) firewalls are designed to block network traffic and VPNs are designed to deliver traffic
d) firewalls are a less secure form of VPN
Answer: c) firewalls are designed to block network traffic and VPNs are designed to deliver traffic
VPNs establish a guarded connection and transmit data across that link, whereas firewalls sit at strategic locations on the network and watch for certain types of traffic to block. An appropriately configured VPN can communicate through firewalls.
9. What network port does PPTP use to establish communication?
PPTP uses TCP port 1723 to establish a connection. When opening holes in a firewall to support PPTP, one must be careful to not specify UDP port 1723 instead of TCP.
Also, PPTP uses IP port 47, designed for “General Routing Encapsulation” or GRE packets. A common mistake in configuring firewalls for use with PPTP is to open port 1723 (allowing connections to be established) but fail to open port 47 (denying actual data from passing through the tunnel). Some operating systems include “PPTP ping” utilities (pptpsrv and pptpclnt in Windows 2000) that verify both PPTP ports are opened.
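The two firewall mistakes described above (UDP 1723 opened instead of TCP, and 1723 opened without GRE) can be checked mechanically. The following is an added example, not part of the original quiz: it audits constructed iptables-save style rule sets, where GRE is matched as IP protocol number 47 (`-p gre` or `-p 47`) and so has no port option. The function names and finding codes are hypothetical, and the check assumes simple ACCEPT rules on the INPUT chain, ignoring rule order, port ranges and default policy.

```python
import shlex

# Constructed iptables-save style rule sets (sample input, not from the page).
RULES_UDP_MISTAKE = """\
-A INPUT -p udp -m udp --dport 1723 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
"""
RULES_CONTROL_ONLY = "-A INPUT -p tcp -m tcp --dport 1723 -j ACCEPT\n"
RULES_OK = """\
-A INPUT -p tcp -m tcp --dport 1723 -j ACCEPT
-A INPUT -p 47 -j ACCEPT
"""

def parse_rule(line):
    """Return (protocol, dport, target) for an '-A INPUT' rule, else None."""
    tok = shlex.split(line)
    if tok[:2] != ["-A", "INPUT"]:
        return None
    opts = {}
    for i, t in enumerate(tok[:-1]):
        if t in ("-p", "--dport", "-j"):
            opts[t] = tok[i + 1]
    proto = opts.get("-p", "all").lower()
    if proto == "47":          # GRE may be written by name or by number
        proto = "gre"
    return proto, opts.get("--dport"), opts.get("-j")

def audit_pptp(ruleset):
    """List what is wrong with a rule set meant to admit PPTP."""
    rules = [r for r in map(parse_rule, ruleset.splitlines()) if r]
    accepted = {(p, d) for p, d, target in rules if target == "ACCEPT"}
    findings = []
    if ("tcp", "1723") not in accepted:
        findings.append("tcp-1723-missing")   # control connection cannot be set up
    if ("udp", "1723") in accepted:
        findings.append("udp-1723-unused")    # PPTP never uses UDP 1723
    if ("gre", None) not in accepted:
        findings.append("gre-47-missing")     # tunnel data is dropped
    return findings

if __name__ == "__main__":
    for name in ("RULES_UDP_MISTAKE", "RULES_CONTROL_ONLY", "RULES_OK"):
        print(name, audit_pptp(globals()[name]))
```

A rule set that reports only `gre-47-missing` matches the symptom described above: the PPTP connection is established but no data passes through the tunnel.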
10. Which approach to VPNs is the best one?
b) software only
c) VPN-specific gateway device
Answer: c) VPN Specific gateway device
Each of these four alternatives is a viable approach to implementing a VPN, and vendors supply products in each of these areas. Some people may prefer the convenience of a “VPN in a box” as provided by special-purpose gateway devices. Those with routers and firewalls already present in their network may prefer to extend these for VPNs. Finally, those wanting to avoid hardware purchases can select a software-only VPN solution that meets their needs.