Information Security Specialist Exam - VPN keywords


1. VPN Basic Concepts

  • VPN (Virtual Private Network) - Virtual private line
  • Tunneling - Secure communication path through encapsulation
  • Encrypted Communication - Data confidentiality protection
  • Authentication - Verification of legitimate users/devices
  • Private Addresses - Internal network usage

Sub-keywords: End-to-end encryption, Network isolation, Secure gateway

2. VPN Types

  • Internet VPN - Uses public internet connections
  • IP-VPN - Uses carrier's closed network
  • Entry VPN - Wide area Ethernet connection
  • Remote Access VPN - Individual devices to corporate network
  • Site-to-Site VPN (LAN-to-LAN) - Multi-location connections

Sub-keywords: Cloud VPN, Mobile VPN, Hybrid VPN

3. Key Protocols

  • IPsec - IP layer security protocol
    • Transport Mode / Tunnel Mode
    • AH (Authentication Header) - Authentication & integrity
    • ESP (Encapsulating Security Payload) - Encryption & authentication
    • IKE (Internet Key Exchange) - Key exchange
    • SA (Security Association) - Security parameters
  • SSL/TLS-VPN - Application layer
    • Clientless connection
    • Web browser-based access
  • PPTP - Point-to-Point Tunneling Protocol (legacy)
  • L2TP - Layer 2 Tunneling Protocol
  • L2TP/IPsec - Combination of L2TP and IPsec

Sub-keywords: WireGuard protocol, OpenVPN, IKEv2

4. Security Elements

  • Confidentiality - Encryption
  • Integrity - Tamper detection
  • Authentication - Prevents impersonation
  • Non-repudiation - Proof of action

Sub-keywords: CIA triad, Access control, Data protection

5. Encryption Technologies

  • Symmetric Encryption - AES, 3DES
  • Public Key Encryption - RSA
  • Hash Functions - SHA-256, MD5
  • Digital Certificates - PKI infrastructure

Sub-keywords: Key length, Cipher suites, Perfect forward secrecy

6. Authentication Methods

  • Pre-Shared Key (PSK) - Shared secret
  • Digital Certificate Authentication
  • RADIUS Authentication
  • Two-Factor Authentication (2FA)
  • One-Time Password (OTP)

Sub-keywords: Biometric authentication, Smart card, LDAP integration

7. Risks and Countermeasures

  • Eavesdropping Prevention - Strong encryption
  • Man-in-the-Middle (MITM) - Certificate verification
  • Split Tunneling - Security risks
  • Log Management - Access record retention
  • Vulnerability Management - Software updates

Sub-keywords: DNS leaks, Kill switch, Zero-trust architecture

8. Related Technologies/Terms

  • Firewall - Integration with VPN
  • NAT Traversal - Communication through NAT
  • Split Tunnel - Traffic distribution
  • VPN Concentrator - Dedicated VPN device
  • Always-On VPN - Persistent connection

Sub-keywords: SD-WAN, Load balancing, Endpoint security

9. Operations Management

  • Access Log Monitoring
  • Bandwidth Control
  • Redundancy & Availability
  • Failover Switching
  • Performance Monitoring

Sub-keywords: SLA monitoring, Capacity planning, Incident response

10. Laws & Guidelines

  • Unauthorized Access Prevention Act
  • Personal Information Protection Act - Data handling via VPN
  • ISMS - Information Security Management System

Sub-keywords: GDPR compliance, Data sovereignty, Audit requirements