3.1 Implement Secure Protocols

Question 1

SRTP

Answer 1

• Secure real-time protocol
• Used for voice and video communication like VoIP
• SRTP (Secure Real-time protocol) adds encryption using AES, keeps convos private
• Additional security features

HMAC-ShA1 (hash-based message authentication code) Provides authentication, integrity, and replay protection using SHA1

Question 2

NTPsec

Answer 2

• NTPSec (secure network time protocol)
• Tiime synchronization
• Classic NTP has no security features used as amplifiers in DDOS attacks
• NTPsec – cleaned up code to remove vulnerabilities

Question 3

S/Mime

Answer 3

• Secure multipurpose internet mail extensions
• used to protect emails by using public and private key
• Can encrypt and digitally sign emails
• Requires PKI to manage keys

Question 4

Secure POP and Secure IMAP

Answer 4

• Receiving emails

- STARTTLS extension used to encrypt POP3 or use IMAP with SSL

Question 5

IPSEC

Answer 5

• Internet protocol secuirty
• Provides an encrypted tunnel for connections over the internet
• Confidentiality, and integrity/anti-replay through packet signing
• very standardized - multi-vendor implementations
• Two core IPsec protocols
  Authentication Header (Ah) - integrity
  Encapsulation Security Payload (ESP) - confidentiality through encryption

Question 6

DNSSEC

Answer 6

Normal DNS is easy to poison allows attackers to modify DNS requests
Domain name Security Extensions

Allows you to verify DNS responses to make sure that it’s coming from a server that you requested it from and that it wasn’t modified
- Origin Authentication and Data integrity

uses Public-key cryptography
- signed with a trusted third party and published in DNS
can be verified

Question 7

SNMPv3

Answer 7

• SImple network management protocol
• Used to query network devices like switches, routers for info
• v3 is the secure version
  provides confidentiality, integrity and authentication