Virtual private network (VPN)

2.4 Explain common network configuration concepts

📘CompTIA A+ Core 1 (220-1201)


What is a VPN?

A Virtual Private Network (VPN) is a technology that creates a secure, encrypted connection over an untrusted network, such as the internet.

A VPN allows a device to:

  • Safely access a private network
  • Protect data from being seen or modified
  • Appear as if it is connected directly inside the organization’s network

For the exam, remember:

A VPN creates a secure tunnel through an insecure network.


Why VPNs Are Used (Exam Focus)

VPNs are commonly used to:

  • Secure data traffic over the internet
  • Allow remote users to access internal network resources
  • Protect sensitive information from attackers
  • Encrypt communication between two networks

Common IT environments using VPNs:

  • Remote employees connecting to company servers
  • IT administrators managing systems securely
  • Secure communication between branch offices
  • Accessing internal services like file servers or databases

How a VPN Works (Simplified)

  1. The user starts a VPN connection from their device
  2. The VPN software encrypts the data
  3. An encrypted tunnel is created between the device and the VPN server
  4. Data travels securely through the tunnel
  5. The VPN server decrypts the data and forwards it to the internal network

Key point for the exam:

All data inside the VPN tunnel is encrypted


VPN Tunnel

A VPN tunnel is a secure path created between two endpoints.

Exam facts:

  • Data inside the tunnel is encrypted
  • Prevents eavesdropping
  • Protects against man-in-the-middle attacks

Types of VPNs (Very Important for Exam)

1. Remote Access VPN (Client-to-Site)

This is the most common type tested on A+.

  • Used by individual users
  • Requires VPN client software
  • Connects one device to a private network

Example in IT environment:

  • An employee uses a VPN client to access company file servers

Exam keywords:

  • Client-to-Site
  • Remote user
  • VPN client software

2. Site-to-Site VPN

  • Connects two networks together
  • Does NOT require user interaction
  • Often configured on routers or firewalls

Example in IT environment:

  • Headquarters and branch office networks are connected securely

Exam keywords:

  • Network-to-Network
  • Always-on connection
  • Router-based VPN

VPN Encryption (High Exam Importance)

VPNs use encryption to protect data.

Encryption ensures:

  • Confidentiality
  • Data integrity
  • Authentication

For the exam:

VPNs encrypt traffic to prevent data interception


Common VPN Protocols (Must Know for Exam)

1. IPsec (Internet Protocol Security)

  • Very common in enterprise VPNs
  • Operates at the network layer
  • Provides encryption and authentication

Key exam points:

  • Secure
  • Often used for site-to-site VPNs
  • Uses AH and ESP
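
The three guarantees listed under "VPN Encryption" (confidentiality, integrity, authentication) and the tunnel facts above (no eavesdropping, no undetected modification) are easier to see in a small working model. The following is an added example, not IPsec and not the code of any real VPN product: a tunnel frame carries a sequence number, the encrypted payload and an integrity check value (ICV), which is also the shape of an ESP or AH frame. It uses only the Python standard library, so HMAC-SHA256 in counter mode stands in for the real cipher (an assumption made to avoid third-party AES libraries), the 16-byte ICV length is an assumption, and the keys and payloads are constructed.

```python
import hashlib
import hmac
import struct

ICV_LEN = 16  # bytes kept from the HMAC tag (assumption: 128-bit ICV)


def _keystream(enc_key: bytes, seq: int, length: int) -> bytes:
    """Keystream from a keyed PRF (HMAC-SHA256) in counter mode.
    The sequence number is the nonce: the same (key, seq) must never be
    used for two frames, which the sender guarantees by always incrementing."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(enc_key, struct.pack(">QI", seq, counter), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def seal(enc_key: bytes, auth_key: bytes, seq: int, payload: bytes) -> bytes:
    """Sender side: frame = seq (8 bytes) || ciphertext || ICV.
    Encrypt-then-MAC: the ICV covers the sequence number and the ciphertext,
    so neither can be changed in transit without detection."""
    keystream = _keystream(enc_key, seq, len(payload))
    ciphertext = bytes(p ^ k for p, k in zip(payload, keystream))
    header = struct.pack(">Q", seq)
    icv = hmac.new(auth_key, header + ciphertext, hashlib.sha256).digest()[:ICV_LEN]
    return header + ciphertext + icv


class TunnelReceiver:
    """Receiving endpoint. Order matters: verify the ICV, then the sequence
    number, and only then decrypt, so unauthenticated bytes are never used."""

    def __init__(self, enc_key: bytes, auth_key: bytes):
        self.enc_key = enc_key
        self.auth_key = auth_key
        self.last_seq = -1  # highest sequence number accepted so far

    def unseal(self, frame: bytes):
        """Return (plaintext, "ok") or (None, reason) for a rejected frame."""
        if len(frame) < 8 + ICV_LEN:
            return None, "truncated"
        header, body, icv = frame[:8], frame[8:-ICV_LEN], frame[-ICV_LEN:]
        expected = hmac.new(self.auth_key, header + body, hashlib.sha256).digest()[:ICV_LEN]
        if not hmac.compare_digest(icv, expected):  # constant-time comparison
            return None, "bad ICV"
        (seq,) = struct.unpack(">Q", header)
        if seq <= self.last_seq:
            return None, "replay"
        self.last_seq = seq
        keystream = _keystream(self.enc_key, seq, len(body))
        return bytes(c ^ k for c, k in zip(body, keystream)), "ok"


def demo():
    """Walk one frame through the tunnel and show what the receiver rejects."""
    enc_key = hashlib.sha256(b"constructed encryption key").digest()
    auth_key = hashlib.sha256(b"constructed authentication key").digest()
    rx = TunnelReceiver(enc_key, auth_key)
    payload = b"GET /share/report.xlsx"
    frame = seal(enc_key, auth_key, 1, payload)
    results = {}
    # Confidentiality: the bytes on the wire are not the payload.
    results["wire_hides_payload"] = frame[8:8 + len(payload)] != payload
    results["delivered"] = rx.unseal(frame)
    # Integrity: one bit of the ciphertext changed in transit -> rejected.
    damaged = bytearray(frame)
    damaged[12] ^= 0x01
    results["modified_frame"] = rx.unseal(bytes(damaged))
    # Anti-replay: the same valid frame delivered a second time -> rejected.
    results["replayed_frame"] = rx.unseal(frame)
    results["next_frame"] = rx.unseal(seal(enc_key, auth_key, 2, b"next packet"))
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Two design points carry over to real VPNs: the ICV is checked before anything else is done with the frame, and the sequence number is authenticated along with the data, so an attacker can neither alter a packet nor resend an old one without the receiver noticing.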

2. SSL/TLS VPN

  • Uses HTTPS (TCP port 443)
  • Often accessed through a web browser
  • Easier to use and firewall-friendly

Exam tip:

SSL VPNs work well when strict firewall rules exist


3. L2TP/IPsec

  • L2TP provides tunneling
  • IPsec provides encryption
  • Common on modern operating systems

4. PPTP (Legacy – Insecure)

  • Older VPN protocol
  • Weak encryption
  • Not secure

Exam warning:

PPTP is outdated and should NOT be used


VPN Authentication Methods

VPNs require users to prove their identity.

Common methods:

  • Username and password
  • Certificates
  • Multi-Factor Authentication (MFA)

Exam point:

Strong authentication improves VPN security


VPN Client Software

To use a VPN, the device may need:

  • Built-in OS VPN client
  • Third-party VPN software

Operating systems that support VPN clients:

  • Windows
  • macOS
  • Linux
  • Mobile operating systems

Split Tunneling (Exam Topic)

What is Split Tunneling?

Split tunneling allows:

  • Traffic destined for the private network to go through the VPN tunnel
  • All other internet traffic to go directly to the internet, outside the tunnel

Advantages:

  • Reduces network load
  • Improves performance

Disadvantages:

  • Less secure
  • Internet traffic sent outside the tunnel is not encrypted by the VPN

Exam tip:

Split tunneling trades security for performance


Full Tunnel VPN

  • All traffic goes through the VPN
  • More secure
  • More bandwidth usage
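
The difference between split and full tunneling is, on the client, nothing more than which routes get installed when the VPN comes up. The following added example (not the code of any real VPN client) models that routing decision in Python: the corporate prefixes, the interface names tun0 and eth0, and the destination addresses are all constructed for the example. It goes slightly beyond the bullets above by using longest-prefix matching, which is how an operating system actually picks the route.

```python
from ipaddress import ip_address, ip_network

# Prefixes the VPN server pushes to the client as "reachable through the
# tunnel". Constructed for this example; a real client gets them from the
# VPN configuration.
CORPORATE_PREFIXES = ["10.0.0.0/8", "192.168.50.0/24"]
TUNNEL_IFACE = "tun0"  # the VPN's virtual interface (name assumed)
LOCAL_IFACE = "eth0"   # the physical internet connection (name assumed)


def build_routes(split_tunnel: bool):
    """Routing table installed when the VPN comes up.
    Split tunnel: corporate prefixes -> tunnel, default route -> local link.
    Full tunnel: the default route itself points into the tunnel."""
    routes = [(ip_network(p), TUNNEL_IFACE) for p in CORPORATE_PREFIXES]
    default_iface = LOCAL_IFACE if split_tunnel else TUNNEL_IFACE
    routes.append((ip_network("0.0.0.0/0"), default_iface))
    return routes


def route_for(destination: str, routes) -> str:
    """Longest-prefix match: the most specific matching route decides the
    outgoing interface. Returns "unreachable" if no route matches (for
    example an IPv6 destination against this IPv4-only table)."""
    dst = ip_address(destination)
    matches = [(net.prefixlen, iface) for net, iface in routes if dst in net]
    if not matches:
        return "unreachable"
    return max(matches)[1]


def unencrypted_destinations(destinations, split_tunnel: bool):
    """Which of these destinations leave the device outside the tunnel,
    that is, without the VPN's encryption. Empty under full tunneling."""
    routes = build_routes(split_tunnel)
    return [d for d in destinations if route_for(d, routes) == LOCAL_IFACE]


if __name__ == "__main__":
    sample = ["10.20.30.40", "192.168.50.7", "203.0.113.10"]  # constructed
    for mode in (True, False):
        label = "split tunnel" if mode else "full tunnel"
        print(f"{label}: unencrypted -> {unencrypted_destinations(sample, mode)}")
```

The trade-off in the exam tip is visible in the output: with split tunneling the public destination (203.0.113.10) leaves via eth0 and is not protected by the VPN, which is exactly the traffic a full tunnel would have sent through tun0 at the cost of extra VPN bandwidth.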

VPN and Security (Key Exam Points)

VPNs help protect against:

  • Packet sniffing
  • Man-in-the-middle attacks
  • Data theft on public networks

However:

  • VPNs do NOT protect against malware
  • Endpoint security is still required

VPN Ports and Firewalls (Basic Awareness)

Common ports:

  • IPsec: UDP 500, UDP 4500
  • SSL VPN: TCP 443

VPNs may require firewall configuration to allow traffic.


VPN Troubleshooting (A+ Level)

Common issues:

  • Incorrect credentials
  • Firewall blocking VPN traffic
  • Outdated VPN client
  • Time synchronization issues

Key Exam Takeaways (Memorize These)

  • VPN = secure, encrypted tunnel over the internet
  • Used to access private networks remotely
  • Remote access VPN is most common
  • IPsec and SSL/TLS are secure VPN protocols
  • PPTP is insecure and outdated
  • Split tunneling improves performance but reduces security
  • VPNs encrypt data but do not stop malware

One-Line Exam Definition

A VPN securely connects users or networks over an untrusted network using encryption.
