3.1 Implement secure protocols Flashcards
What is SRTP ?
Secure Real Time Protocol (or Secure RTP) use AES to encrypt the conversation over voice/video flow
What is NTP & NTPsec ?
- Network Time Protocol (NTP) is a networking protocol for clock synchronization between computer systems
- NTPsec: NTP secure version
What is S/MIME ?
Secure/ Multipurpose Internet Mail Extensions is a public key encryption mechanism that allows to protect the information using encryption and to provide digital signatures for integrity. It require PKI in place in order to manage these keys
What is Secure POP and Secure IMAP ?
It use a STARTTLS extension to encrypt POP3 with SSL or use IMAP with SSL
What is MIME protocol?
Multipurpose Internet Mail Extensions is an extension of the original Simple Mail Transport Protocol (SMTP) email protocol. It lets users exchange different kinds of data files, including audio, video, images and application programs, over email.
What are POP and IMAP protocol?
- POP: post office protocol is the most commonly used message request protocol in the Internet world for transferring messages from an e-mail server to an e-mail client. With POP3, the e-mail client requests new messages from the e-mail server, and the server “pops” all new messages out to the client.
- IMAP: POP3 downloads emails from a server to a single computer, making those emails only accessible on that specific computer. IMAP stores emails on a server and then syncs them across multiple devices. IMAP is more advanced than POP3 and allows you to access your email from anywhere, and on any device.
What is the difference between POP and SMTP ?
SMTP (“Simple Mail Transfer Protocol”) is used for sending and delivering from a client to a server via port 25: it’s the outgoing server. On the contrary, POP (“Post Office Protocol”) allows the user to pick up the message and download it into his own inbox: it’s the incoming server.
What is web protocol to make it secure ?
SSL/TLS which is use with HTTP protocol (HTTPS). It uses public key encryption methods and use public and private key paired in order to transfer symmetric key across the network so that a session key can then be used symmetrically during the communication
What is IPsec ?
Security for OSI Layer 3 and provide authentication and encryption for every packet.
It also provide packet signing for integrity and anti replay features.
IPsec use 2 protocols for its implementation
What are the 2 protocols used to implement IPsec ?
- Authentication Header (AH) which provides the integrity
- Encapsulation Security Payload (ESP) that provides the encryption
What is FTPS and SFTP ?
- FTPS: FTP over SSL (FTP-SLL), it uses SSL to provide the encryption
- SFTP: SSH File Transfer Protocol and use SSH to provide the encryption. SFTP also provide file system functionality such as resuming interrupted transfers, directory listings, remote file removal
What is LDAP & LDAPS ?
- Lightweight Directory Access Protocol is a protocol for reading and writing directories over an IP network. It is used in Windows Active Directory, Apple OpenDirectory, Open LDAP etc
- LDAPS: LDAP over SSL
What is SASL ?
Simple Authentication and Security Layer provides authentication using many different methods (i.e Kerberos or client certificate)
What is SSH ?
Secure Shell encrypt terminal communication and replaces Telnet (and FTP)
What is Domain name resolution ?
DNS had no security in the original design making it an easy target for attackers. To fix this DNSSEC was created and it validate DNS responses to provide the origin of the authentication to the DNS and data integrity. This is allow thanks to public key cryptography: hence DNS records are signed w/ trusted 3rd party
