3.1 Given a scenario, implement secure protocols. Flashcards

1
Q

AH protocol

A

The Authentication Header (AH) protocol performs a cryptographic hash on the packet plus a shared secret key (known only to the communicating hosts) and adds this Hashed Message Authentication Code (HMAC) in its header as an Integrity Check Value (ICV).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

IPSec

A

Internet Protocol Security (IPSec) is a set of open, non-proprietary standards that you can use to secure data as it travels across the network or the Internet.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Tunnel mode

A

Tunnel mode is when the whole IP packet (header and payload) is encrypted and a new IP header added.
Tunnel mode is for communications between VPN gateways across an unsecure network. This mode is ideal when securing communication between regional offices over the Internet.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Remote access

A

Remote access refers to the user’s device connecting over or through an intermediate network, usually a public Wide Area Network (WAN). It does not make a direct cabled or wireless connection to the network.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Unified Communications

A

messaging applications that combine multiple communications channels and technologies into a single platform. These communications channels can include voice, messaging, interactive whiteboards, data sharing, email, and social media.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Fingerprinting

A

Fingerprinting is when a port scanner uses a tool such as Nmap that can reveal the presence of a router and which dynamic routing and management protocols it is running.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Route injection

A

Route injection means that traffic is misdirected to a monitoring port (sniffing), sent to a blackhole (non-existent address), or continuously looped around the network, causing DoS.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What does transport mode do in IPSec?

A

The transport mode is used by IPsec to provide encrypted communication by only encrypting the payload. This method is used mostly in private networks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What port does DNSSEC traffic use?

A

TCP 53

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What port does Kerberos use?

A

88

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What port does DNS use?

A

UDP 53

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What port is used for LDAP

A

UDP 389

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Kerberos

A

Kerberos is the default Windows secure authentication and authorization protocol for directory services. It is a single sign-on service based on a time-sensitive ticket-granting system.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

ESP Protocol

A

The Encapsulation Security Payload (ESP) protocol provides confidentiality and/or authentication and integrity. It encrypts the data payload.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

TLS 1.2

A

Transport Layer Security (TLS) 1.2 added support for the strong Secure Hash Algorithm (SHA)-256 cipher. That is the primary difference between TLS 1.1 and TLS 1.2.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

TLS 1.1

A

TLS 1.1 added the improvement to the cipher suite negotiation process and protection against known attacks but does not support the SHA-256 cipher.

17
Q

SSL 3.0

A

Secure Sockets Layer (SSL) 3.0 is less secure than any of the TLS versions and does not support SHA-256 cipher.

18
Q

SSL 2.0

A

SSL 2.0 is deprecated and should only be deployed when subject to risk assessments. This version does not support the SHA-256 cipher.

19
Q

S/MIME

A

Secure/Multipurpose Internet Mail Extensions (S/MIME) is a widely accepted method for sending digitally signed and encrypted messages. It allows the sender to encrypt the emails and digitally sign them.

20
Q

Where does a top-level NTP server obtain the UTC from?

A

Atomic clock

21
Q

What stratum is the NTP server?

A

stratum 1, it is the top level and must gets it time from a top level source( atomic clock) Stratum 2 servers must get there time from a stratum 1 server.

22
Q

SRTP

A

Secure real-time transport protocol (SRTP) encrypts actual real-time data, like voice and video. It provides confidentiality for the actual call data.

23
Q

SIP

A

Session initiation protocol (SIP) provides session management features between SIP endpoints and/or gateways.

24
Q

SIPS

A

Session initiation protocol secure (SIPS) provides a secure tunnel using transport layer security (TLS) to authenticate the endpoints and establish a secure exchange of session information.

25
Q

QoS

A

Quality of service (QoS) provides information about the connection to a QoS system, which in turn ensures that voice or video communications are free from problems, such as dropped packets, delay, or jitter.

26
Q

SNMPv3

A

Simple Network Management Protocol (SNMP) v3 supports encryption and strong user-based authentication. Instead of community names, the agent is configured with a list of usernames and access permissions.

27
Q

SNMPv1

A

SNMPv1 uses community names that are sent in plaintext and should not be transmitted over the network if there is any risk they could be intercepted.

28
Q

SNMPv2c

A

SNMPv2c also uses community names that are sent in plaintext and should not be transmitted over the network, if there is any risk they could be intercepted. Like SNMPv1, this protocol does not support strong user-based authentication.

29
Q

MIB

A

Management Information Base (MIB) is the database that the SNMP agent uses. The agent is a process that runs on a switch, router, server, or SNMP compatible network device.

30
Q

FTPS

A

File Transfer Protocol over SSL (FTPS) implicitly negotiates a Secure Sockets Layer/Transport Layer Security (SSL/TLS) tunnel before the exchange of any File Transfer Protocol (FTP) commands. This mode uses the secure port 990 for the control connection.

31
Q

FTPES

A

Explicit FTP over SSL (FTPES) uses the AUTH TLS command to upgrade an unsecure connection established over port 21 to a secure one. This negotiates a SSL/TLS tunnel explicitly and is preferred over FTPS.

32
Q
A