3.1 Flashcards
Given a scenario, implement secure protocols.
Is a set of extensions to the DNS protocol that, through the use of cryptography, enables origin authentication of DNS data, authenticated denial of existence, and data integrity but does not extend to availability or confidentiality.
Domain Name System
Security Extensions (DNSSEC)
Is an encrypted remote terminal connection protocol used for remote connections to a server.
Secure Shell (SSH)
Is a standard for public key encryption and signing of MIME data in e-mails. Is designed to provide cryptographic protections to e-mails.
Secure/Multipurpose Internet
Mail Extensions (S/MIME)
Is a network protocol for securely delivering audio and video over IP networks.
Secure Real-time Transport
Protocol (SRTP)
The primary protocol for transmitting directory information. By default, LDAP traffic is transmitted insecurely. You can make LDAP traffic secure by using it with SSL.
Lightweight Directory Access
Protocol Over SSL (LDAPS)
Is the implementation of FTP over an SSL/TLS secured channel.
File Transfer Protocol, Secure (FTPS)
Is the use of FTP over an SSH channel. This leverages the encryption protections of SSH to secure FTP transfers.
SSH File Transfer Protocol (SFTP)
Is a standard for managing devices on IP-based networks. Was developed specifically to address the security concerns and vulnerabilities of SNMPv1 and SNMPv2.
Simple Network Management
Protocol, version 3 (SNMPv3)
Is the use of SSL or TLS to encrypt a channel over which HTTP traffic is transmitted.
Hypertext transfer protocol
over SSL/TLS (HTTPS)
Is a set of protocols designed to securely exchange packets at the network layer (layer 3) of the OSI model.
IPSec
Is one of the main protocols used for securing IP packets. ___________ provides data integrity, data origin authentication, and replay protection for the entire IP packet (both the IP header and the payload).
Authentication header (AH)
Is another key protocol used in IPSec (Internet Protocol Security) to provide security services for IP packets. Unlike the Authentication Header (AH), ___________ offers encryption, in addition to authentication and integrity protection, making it more comprehensive for securing IP traffic.
Encapsulating Security
Payloads (ESP)
A type of mode that provides encryption of source and destination IP addresses as well as of the data itself. This provides the greatest security, but it can be done only between IPSec servers (or routers) because the final destination needs to be known for delivery.
Tunnel mode
A type of mode that encrypts only the data portion of a packet, thus enabling an outsider to see source and destination IP addresses. This mode protects the higher-level protocols associated with a packet and protects the data being transmitted but allows knowledge of the transmission itself.
Transport mode
Are both protocols used for email retrieval from a mail server. They allow email clients (such as Outlook, Thunderbird, or Apple Mail) to access messages stored on a remote server and download them to the client device for reading and managing. POP is simpler and more suitable for users who primarily access their email from a single device and don’t need to keep messages synchronized across multiple devices. IMAP, on the other hand, offers more advanced features and is better suited for users who access their email from multiple devices and require synchronization between them.
Post Office Protocol (POP)/
Internet Message Access Protocol (IMAP)
