3 Flashcards
What is DNSSEC?
Domain Name System Security Extensions (DNSSEC)
helps to mitigate against spoofing and poisoning attacks. The authoritative server for the zone creates a package or resource records, called an RRset, signed with a private key known as the zone signing key.
What does TLS mean and what is the difference between TLS 1.1 TLS 1.2?
Transport Layer Security (TLS) 1.2
added support for the strong Secure Hash Algorithm (sha)-256 cipher. That is the primary difference between TLS 1.1 and TLS 1.2.
What does FTPS mean?
File Transfer Protocol over SSL (FTPS)
implicitly negotiates a Secure Sockets Layer/Transport Layer Security (SSL/TLS) tunnel before exchange of any File Transfer Protocol (FTP) commands. This mode uses the secure port 990 for the control connection?
What does FTPES?
Explicit FTP over SSL (FTPES)
uses the Auth TLS command to upgrade an unsecure connection established over port 21 to a secure one. This negotiates a SSL/TLS tunnel explicitly and is preferred over FTPS.
What is POP3?
Secure Post Office Protocol v3 (POP3)
is a mailbox protocol designed to allow mail to be stored on a server and downloaded to the recipient’s email client at their convenience.
What is SFTP?
Secure Shell File Transfer Protocol (SFTP)
addresses the privacy and integrity issues of FTP by encrypting the authentication and data transfer between a client and server. A secure link is created using Secure Shell over Transmission Control Protocol port 22.
What is AH protocol?
Authentication Header (AH) protocol
performs a cryptographic has on the whole packet, including the IP header, plus a shared secret key (known only to the communicating hosts) and adds this HMCA in its header as an Integrity Check Value (ICV)
What is ESP protocol?
Encapsulation Security Payload (ESP) protocol
provides confidentiality and/or authentication and integrity. It encrypts the data payload.
What is Transport mode?
Transport mode secure communications between hosts on a private network (an end-to-end implementation).
AH and ESP running transport mode provides confidentiality, integrity, and authentication for internal secure communication.
What is S/MIME?
Secure/Multipurpose Internet Mail Extensions (S/MIME)
is a widely accepted method for sending digitally signed and encrypted messages. It allows the sender to encrypt the emails and digitally sign them.
What is SNMPv3?
Simple Network Management Protocol (SNMP) v3
supports encryption and strong user-based authentication. Instead of community names, the agent is configured with a list of usernames and access permissions.
What is DHCP?
Dynamic Host Configuration Protocol (DHCP)
provides an automatic method for network address allocation. As well, an IP address and subnet mask can include optional parameters.
What is LDAPS?
Lightweight Directory Access Protocol Secure (LDAPS)
enables secure queries to a directory by its use over port 636. An unsecure version (LDAP) would utilize port 389.
What is HIPS?
Host Intrusion Prevention System (HIPS)
is software located on the host system and has an active response to threats. In the example of an unknown IP range trying to gain access to a server, the HIPS at the server level will block the connection.
Can also prevent malicious software from traveling between VMs.
What is HIDS?
Host Intrusion Detection System (HIDS)
is software located on the host system. It can log and notify admins or users about intrusion attempts without an active response, like denying or blocking.
