Skip to main content
U.S. flag
An official website of the United States government
Dot gov
The .gov means it’s official. 
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.
Https
The site is secure. 
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.
Examiner Training Programs

Continuing IT Training Program - Virtual Private Networks and Remote Access Systems

Program Overview

Virtual Private Networks (VPNs) have become an essential element in providing remote access to corporate networks and in WAN deployment.  VPNs can use the internet or be implemented on a private network by a service provider.  Internet-based VPNs inherently present a greater risk to the business.  This course addresses the definition of a VPN and key concepts essential to understanding VPN operations. The course covers common use cases, encryption, and PKI.  The course also addresses site-to-site and remotes access VPNs with authentication, authorization, and accounting methods discussed at length.  The course covers security concerns, mitigation strategies, audit requirements, sample reports, and acceptable management practices.  The course concludes with a review of the areas an examiner needs to focus on in an examination.

Key Objectives

Upon completion of this course, participants will be able to:

  • Define a VPN environment and explain different types of VPN;
  • Explain why banks are using a VPN;
  • Describe the architecture of a VPN;
  • Discuss reasons for security, common weaknesses and risks, and mitigation strategies;
  • Describe a VN based on IPsec and PPTP;
  • Discuss how VPNs work through routers/firewalls;
  • Explain the differences between hardware and software VPN; and,
  • Discuss how to manage and audit a VPN.

Instructional Format

Virtual classroom discussion and lectures via Microsoft Teams

Duration

Three days

Level

Intermediate

Target Audience

Examiners or ITEAs who will lead or participate on level B and A examinations.

This course is open to appropriate staff of the FDIC and partner government regulatory agencies. This course is not open to the public or staff of private banks.

Prerequisites

Participant should have attended the following:

  • ITEC
  • Introduction to Security
  • Introduction to Telecommunications and Networking, and
  • Deploying Internet and Intranet Firewalls

Pre-Course Assignment

None

Special Requirements

None

Post Course Feedback

None

Credits

None

More Information

For more information concerning course content and administration, please e-mail cuelp@fdic.gov.

Last Updated: January 29, 2024