3.1 Given a scenario, implement secure protocols. Flashcards
AH protocol
The Authentication Header (AH) protocol performs a cryptographic hash on the packet plus a shared secret key (known only to the communicating hosts) and adds this Hashed Message Authentication Code (HMAC) in its header as an Integrity Check Value (ICV).
IPSec
Internet Protocol Security (IPSec) is a set of open, non-proprietary standards that you can use to secure data as it travels across the network or the Internet.
Tunnel mode
Tunnel mode is when the whole IP packet (header and payload) is encrypted and a new IP header is added.
Tunnel mode is for communications between VPN gateways across an unsecure network. This mode is ideal when securing communication between regional offices over the Internet.
Remote access
Remote access refers to the user’s device connecting over or through an intermediate network, usually a public Wide Area Network (WAN). It does not make a direct cabled or wireless connection to the network.
Unified Communications
Messaging applications that combine multiple communications channels and technologies into a single platform. These communications channels can include voice, messaging, interactive whiteboards, data sharing, email, and social media.
Fingerprinting
Fingerprinting is when a port scanning tool such as Nmap is used to reveal the presence of a router and which dynamic routing and management protocols it is running.
Route injection
Route injection means that traffic is misdirected to a monitoring port (sniffing), sent to a blackhole (non-existent address), or continuously looped around the network, causing DoS.
What does transport mode do in IPSec?
Transport mode is used by IPSec to provide encrypted communication by encrypting only the payload. This method is used mostly in private networks.
What port does DNSSEC traffic use?
TCP 53
What port does Kerberos use?
88
What port does DNS use?
UDP 53
What port is used for LDAP?
UDP 389
Kerberos
Kerberos is the default Windows secure authentication and authorization protocol for directory services. It is a single sign-on service based on a time-sensitive ticket-granting system.
ESP Protocol
The Encapsulation Security Payload (ESP) protocol provides confidentiality and/or authentication and integrity. It encrypts the data payload.
TLS 1.2
Transport Layer Security (TLS) 1.2 added support for the strong Secure Hash Algorithm (SHA)-256 cipher. That is the primary difference between TLS 1.1 and TLS 1.2.