8.1 Flashcards
SSH
Port: tcp/22
Name: Secure Shell
Description: Encrypted,console,login
DNS
Port: udp/53 tcp/53
Name: Domain Name System
Description: Convert domain names to IP addresses
SMTP
Port: tcp/25
Name: Simple mail Transfer Protocol
Description: Transfer email between mail servers
SFTP
Port: tcp/22 udp/22
Name: Secure (SSH) File Transfer Protocol
Description: provides file access, file transfer, and file management over any reliable data stream
FTP
Port: 20 TCP/UDP, 21 TCP/UDP
Name: File Transfer Protocol
Description:Sends and receives files between systems
TFTP
Port: 69 TCP and UDP
Name: Trivial File Transfer Protocol
Description: A,very,simple,file,transfer,application
TELNET
Port: 23 TCP
Name: Telecommunication Network
Description: Remote console login to network devices
DHCP
Port: 67 TCP and UDP 68 TCP and UDP
Name: Dynamic Host Configuration Protocol
Description: Update to BOOTP
HTTP
Port: 80 TCP and UDP
Name:Hypertext Transfer Protocol
Description: Web server communication
HTTPS
Port: 443 TCP and UDP
Name: HTTP over Secure Sockets Layer
Description: Web server communication with encryption
SNMP
Port: 162 TCP and UDP
Name: Simple Network Management
Protocol
Description: Gather statistics and manage network devices
RDP
Port: 3389 TCP and UDP
Name: Remote Desktop Protocol
Description: Graphical display of remote device
NTP
Port: 123 TCP and UDP
Name: Network Time Protocol
Description: clock synchronization between computer systems over packet-switched, variable-latency data networks
SIP
Port: 5060 TCP and UDP 5061 TCP
Name: Session Initiation Protocol
Description: Voice over IP signaling protocol
SMB
Port: 445 TCP
Name: Microsoft Server Message Block (SMB) File Sharing
Description: Windows file transfers and printer sharing
POP
Port: Post Office Protocol
Name: 110 TCP
Description: Receive mail into a mail client
IMAP
Port: 143 TCP
Name: internet Message Access Protocol
Description: A newer mail client protocol
LDAP
Port: 389 TCP and UDP
Name: Lightweight Directory Access Protocol
Description: used to access and manage directory information
LDAPS
Port: 636 TCP and UDP
Name: Lightweight Directory Access Protocol over TLS/SSL
Description: used to provide either server or mutual (server and client) authentication
H.323
Port: 1720 TCP
Name: H.323 Call Signaling
Description: Voice over IP signaling
access control lists (ACLs)
Firewalls use filtering rules, which are sometimes called _____, to identify allowed and blocked traffic. A rule identifies specific characteristics:
Firewall
a software- or hardware-based network security system that allows or denies network traffic according to a set of rules.
Unified Threat Management (UTM) Device
combines multiple security features into a single network appliance
Can provide several security features:
- Firewall
- VPN
- Ant-spam Antivirus
- Load balancing
An NGFW:
combines a traditional firewall with other network device filtering functionalities like an application firewall
- Tracks the state of traffic based on layers 2 through 7 —
- Utilizes an intrusion protection system (IPS)
- Tracks the identity of the local traffic device and user ( LDAP, RADIUS, Active Directory) C
- an be used in bridged and routed modes Utilizes external intelligence sources
Content Filters
Control traffic based on network data
- Filter email - avoid malicious software, phishing, and viruses
- Filter URLs - filter by web site category
Proxy server
-Control both inbound and outbound traffic.
Increase performance by caching frequently accessed content.
- Content is retrieved from the proxy cache instead of the original server.
- Filter content and restrict access depending on the user or specific website.
- Shield or hide a private network.
Intrusion Detection Systems (IDS)
analyze and monitor network traffic for signs that indicate attackers are using a known cyberthreat to infiltrate or steal data from your network.
Intrusion Prevention Systems (IPS)
live in the same area of the network as a firewall, between the outside world and the internal network.
DMZ (Demilitarized Zone)
is a buffer network (or subnet) that sits between the private network and an untrusted network (such as the internet).
Packet Filtering Firewall
Operates at OSI Layer 3 (Network layer).
Circuit-Level Gateway
Operates at OSI Layer 5 (Session layer).
Application-Layer Firewall
Operates at OSI Layer 7 (Application layer).
MAC Filtering
refers to a security access control method whereby the MAC address assigned to each network card is used to determine access to the network.