3.1 Secure Protocols

Question 1

Define DNSSEC

Answer 1

1. Domain Name Security Extensions
2. Uses public-keys to create digital signature to verify the authenticity of communications

Question 2

Define SSH

Answer 2

1. Secure Shell
2. Used for encrypted remote terminal sessions

Question 3

Define SMIME (2)

Answer 3

1. Secure Multipurpose Internet Mail Extensions
2. Requires PKI - public/private key infrastructure

Question 4

Define Secure Real-Time Transport Protocol (SRTP)

Answer 4

Encryption for VOIP

Question 5

3 Additional Security Features (besides encryption) provided by Secure Real-Time Transport Protocol (SRTP)? Encryption algorithm?

Answer 5

1. Authentication
2. Integrity
3. Replay protection
4. HMAC SHA1

Commonly used for Skype, VOIP

Question 6

Define LDAPS

Answer 6

Lightweight Directory Access Protocol over SSL

Question 7

Define FTPS

Answer 7

FTP over SSL

Question 8

Define SFTP

Answer 8

FTP via SSH

Question 9

Define SNMPv3

Answer 9

Simple Network Management Protocol, version 3

Question 10

What 3 security features does SNMPv3 have that SNMP does not have?

Answer 10

1. Encryption
2. Integrity
3. Authentication

Question 11

Define HTTPS

Answer 11

1. Hyper Text Transfer Protocol over SSL or TLS
2. TLS is newer than SSL and has replaced it

Question 12

Define Internet protocol security IPSec

Answer 12

Allows encrypted transmission of data over public networks via Layer 3

Question 13

2 main protocols used by IPSec

Answer 13

1. AH authentication header - provides integrity
2. ESP encapsulation security payload - provides the encryption

Question 14

How can POP3 & IMAP be implemented securely?

Answer 14

Both can configured to communicate via secure channels using SSL/TLS

Question 15

How to secure NTP (2)

Answer 15

1. Network Time Protocol in its original form had no security
2. NTPsec (Secure NTP) should be used instead of NTP