2.6 Given a scenario, implement secure protocols Flashcards
Protocols
Common types of traffic that you may look at encrypting are web, e-mail, Telnet, and FTP traffic. When designing or assessing security, you want to ensure that you are using the most secure communication protocols possible.
Protocols - DNSSEC
DNSSEC is an important security protocol for DNS. DNSSEC does not encrypt communication to the DNS server, but adds integrity to the DNS records so that clients know if the DNS data was modified by an unauthorized person. DNSSEC does this by adding to each record a digital signature that contains a hash value of the data that can be verified.
Protocols - SSH
SSH is designed to be a secure replacement for Telnet, and provides authentication and encryption services. SSH can be used to create an encrypted channel so that communication through the channel is encrypted. A common scenario where SSH is used is for remote access to switches and routers.
Protocols - S/MIME
S/MIME is the protocol used to encrypt email messages on the network. For example, S/MIME could be used to encrypt e-mail messages from the client.
Protocols - SRTP
For voice and video conferencing applications that use RTP, if you are concerned that someone can capture your voice and video traffic and then play it back, you can implement SRTP as a replacement protocol. It provides encryption and authentication services to voice and video communication.
Protocols - LDAPS
LDAPS is a secure directory service access protocol that should be used instead of LDAP when security is a concern, as it encrypts all communication to the directory server.
Protocols - FTPS
FTP Secure, also known as FTP-SSL, should be used as a secure replacement for FTP because it encrypts FTP communication using either the SSL or TLS security protocol.
Protocols - SFTP
SFTP is an extension of SSH that allows secure transfer and management of files through an SSH channel. Note that this is not the same as FTPS, which uses SSL or TLS to secure FTP traffic.
Protocols - SNMPv3
This version should be used over earlier versions of SNMP because it provides authentication and communication encryption features. SNMP is used for monitoring and managing devices on the network, such as routers and switches. You should review those devices and verify they are using SNMPv3 instead of version 1 or version 2.
Protocols - SSL/TLS
SSL has been the popular protocol for encrypting traffic, such as web and email traffic, for several years. TLS is a more secure protocol that is designed to replace SSL. SSL or the newer TLS protocol could be used to encrypt communication between servers within your organization. You could also use this to secure communication between two e-mail servers, either within your organization or with a partner company.
Protocols - HTTPS
Instead of using HTTP, which is the protocol for unsecured web traffic, you should be using HTTPS, also known as Secure HTTP (SHTTP). HTTPS uses SSL (discussed next) to encrypt the communication between the client and the web server. A scenario, or use case, where HTTPS could be used is if you have a web site that allows customers to update their profile information and you want to ensure their information is encrypted as it travels across the Internet.
Protocols - Secure POP/IMAP
When you have an e-mail client on the Internet that will connect to your company e-mail server using POP or IMAP, which send data in an unencrypted format (including username and password), you should look to use Secure POP or Secure IMAP to encrypt the communication. Both Secure POP and Secure IMAP use TLS or SSL to secure e-mail communication.
Use Cases (for Secure Protocols)
There are a number of common scenarios where you should be using the secure protocol over the insecure version of the protocol.
Use Cases - Voice and Video
If your organization is using VoIP solutions, be sure to use SRTP to encrypt your voice traffic on the network.
Use Cases - Time Synchronization
Many network devices, such as routers and firewalls, have the capability to connect to a time synchronization server to maintain time on the device.