Boot camp Flashcards

1
Q

Port 20/21 *

A
  • FTP (File Transfer Protocol)
  • Control communication (Port 21)
  • Transfer Files Port 20 (Active mode)
  • Layer 7 application
  • TCP port
  • TCP does have security built in (can require user name password)
  • often used to communicate across a network (unsecured, secured, probably using port 22)
  • Provides full functionality to transfer files
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Port 22 *

A
  • SSH (Secure Shell)
  • Designed to transmit data through a remote connection
  • allows you to interact at the command line level
  • if console connection is encrypted most likely using port 22 (otherwise using unsecured telenet)
  • OR SSH File Transfer Protocol
  • A completely separate protocol from FTP (it is not compliant with FTP servers) that uses SSH to encrypt file transfers
  • Layer 7 application
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Port 23

A
  • Telnet
  • Layer 7 application
  • Communicates with another devices command line
  • all communication in the clear
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Port 25 *

A
  • SMTP (Simple Mail Transfer Protocol)
  • Layer 7 application
  • can be used to send email to mobile devices (or one server to another)
  • If you’re receiving email messages, you’re probably using POP3 or IMAP. Whenever you’re sending email, it commonly uses SMTP.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Port 53

A
  • DNS (Domain Name System)
  • Used to associate IP addresses with domain names
  • Only UDP port need to know
  • Layer 7 application
  • when you type in a websites name needs to use DNS
  • converts names to IP addresses
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Port 49

A
  • TACACS+
  • Cisco proprietary protocol used for authentication, authorization, and accounting (AAA) services
  • Layer 7 application
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Port 67/68

A
  • DHCP (Dynamic Host Configuration Protocol)
  • This network management protocol is used to assign local IP addresses to devices on a network.
  • It is used to create multiple private IP addresses from one public IPv4 address.
  • Layer 7 application
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Port 80 *

A
  • HTTP (Hypertext Transfer Protocol)
  • Used for websites and most internet traffic. Web browser to web server traffic
  • Layer 7 application
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Port 88

A
  • Kerberos
  • Network authenticated protocol that allows for communication over a non-secure network
  • Layer 7 application
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Port 110 *

A
  • POP (Post Office Protocol)
  • basic Email protocol that allows e-mail clients to communicate with email servers.
  • POP provides only one-way communication
  • Layer 7 application
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Port 143/993 *

A
  • IMAP (Internet Message Access Protocol)
  • Email protocol used by email clients to communicate with email servers.
  • Provides 2 way communication unlike POP (110)
  • enhance feature over POP being able to access email from multiple devices and have multiple folders
  • Layer 7 application
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Port 161/162

A
  • SNMP (Simple Network Management Protocol)
  • Used to monitor and manage network devices on IP networks.
  • Layer 7 application
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Port 389

A
  • LDAP (Lightweight Directory Access Protocol)
  • Used to manage and communicate with directories.
  • Layer 7 application
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Port 443 *

A
  • HTTPS (Hypertext Transfer Protocol Secure)
  • Secure version of HTTP that used TLS for encryption. Most websites use HTTPS instead of HTTP.
  • Layer 7 application
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Port 636

A
  • LDAPS (Lightweight Director Access Protocol Secure)
  • Secure version of LDAP that uses TLS for encryption.
  • Layer 7 application
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Port 989/990

A
  • FTPS (Files Transfer Protocol Secure)
  • FTPS uses TLS for encryption. It can run on ports 20/21 but is sometimes allocated to ports 989/990
  • Layer 7 application
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Port 993

A
  • IMAPS (Internet Message Access Protocol Secure)
  • Secure version of IMAP that uses TLS for encryption
  • Layer 7 application
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Port 1812/1813

A
  • RADIUS (Remote Authentication Dial-In User Service)
  • Used to provide AAA for network services.
  • Layer 7 application
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Port 3868

A
  • Diameter
  • Developed as an upgrade to RADIUS
  • Layer 7 application
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Port 5004

A
  • SRTP (Secure Real Time Protocol)
  • SRTP replaced RTP and is a protocol used to stream audio and video communication using UDP
  • Layer 7 application
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Port 1701

A
  • L2TP (Layer 2 Tunneling Protocol)
  • Used to create point to point connections like VPNs over a UDP connection.
  • Needs IPSec for encryption
  • Designed as an extension to PPTP
  • Operates at the data link layer but encapsulates packets at the session layer
  • Layer 5 Session Layer
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

TCP

A
  • Transmission Control Protocol
  • Port N/A
  • One of two main protocols of the IP (Internet Protocol) suite used to transfer data over an IP network. TCP provides error checking to ensure packets are not lost in transit (expects a response unlike UDP)
  • Layer 4 Transport
23
Q

UDP

A
  • User Datagram Protocol
  • Port N/A
  • The second main protocol in the IP suite that transmits datagrams in a best effort method.
  • UDP does not include error checking.
  • Layer 4 Transport
24
Q

Port 1723

A
  • PPTP (Point to Point Tunneling Protocol)
  • Based on PPP.
  • Deprecated protocol for VPNs.
  • Layer 4 Transport
  • Layer 2 Data Link Layer
25
Q

Port 3389 *

A
  • Remote Desktop Protocol
  • Windows proprietary protocol that provides a remote connection between two computers
  • Layer 4 Transport
26
Q

OSI Model

A
  • From bottom to top
    1. Signaling - physical layer that is really dealing with connectivity. (Ex: cables, interfaces, network interface cards, hubs)
    2. Data Link - Frames are created and put on the network. (Ex: MAC addresses, switches, Extended Unique Identifier (IEEE term), EUI-48 or EUI-64 (these are the bit formats of a physical address)
    3. Network - Expects IP addresses to be here. (Also routers, this frame often called a “packet”. Everything at this Layer 3 and above is inside a packet)
    4. Transport - Protocols for transporting information from one side of the network to the other. Except to see TCP (Transmission Control Protocol) and UDP (User Datagram Protocol)
    5. Session - May see control protocols being used to set up / tear down a session . Protocols here might be used to set up tunnels b/n stations. They are tunneled into the next layer 6.
    6. Presentation - Encryption data sent back and forth happens here and gets ready to present to us in layer 7.
    7. Email level (application) - See the decrypted information that we were requesting. (Every time we send information it starts at level 7, works back to layer 1, goes across the network, and then reverses)
27
Q

TCP Port Range

A
  • 1 -> 65,535
  • Remember TCP Port 80 and UDP Port 80 are totally different
28
Q

Port 139

A
  • NetBIOS (if you have it on your network) Network Basic Input/Output Systems
  • Very common in Windows environments
  • may use this port
29
Q

WEP vs WPA

A
  • Wired Equivalent Protocol (used when 802.11 first came out.
  • Encryption methodology
  • Significant vulnerabilities
  • WPA - Uses 802.1x for authentication
  • WPA initially used TKIP
30
Q

TKIP

A
  • Used with WPA when it first came out
  • which encrypted the data that went by (TKIP was a stop gap method, big improvement over WEP and allowed us to use older hardware and maintain an encryption connection)
31
Q

WPA2

A
  • Should now be the standard
  • Allow AES level encryption (advanced encryption standard algorithm)
  • Used a protocol called CCMP
  • Ideally you want to use WPA2 with CCMP (not TKIP)
32
Q

MAC

A
  • Mandatory Access Control
  • Often used in highly secure environments / government
  • Requires you to configure separate security clearance levels and associate objects in the OS with one of those security levels
  • Then assign user with a minimum level of access
33
Q

MAC

A
  • Mandatory Access Control
  • Often used in highly secure environments / government
  • Uses classification levels (top secret, secret etc)
  • Requires you to configure separate security clearance levels and associate objects in the OS with one of those security levels
  • Then assign user with a minimum level of access
34
Q

RBAC

A
  • Role-Based Access Control
  • Associated with the type of role an individual has in a company
  • System or network admin would assign particular access control rights
35
Q

Attribute-Based Access Control

A

-

36
Q

Attribute-Based Access Control

A
  • Can define a number of different criteria that have to be evaluated that would then allow someone access to a resource
  • Allows a system administrator to define many different parameters
  • Ex: If a user wants to access a spreadsheet, the system will evaluate what type of resource, time of the day, what action they want to perform, etc.
37
Q

Rule-based access control

A
  • More generic term that can be applied across differ OS or in different ways to provide access
  • The system admin sets the rules, usually the rule is based on the object a user is trying to access.
  • Users can’t define whether someone else might have access
38
Q

PAM

A
  • Priveledge Access Management
  • Centralized way to handle elevated access to resources (still need to be concerned about the system admins)
  • Often used in large organizations, with many different administrators, you don’t automatically have administrator rights
  • They need to log into a centralized DB and then that is checked against their elevated access to confirm / deny
  • Priveledge often only lasts for a short duration
39
Q

MDM

A
  • Mobile Device Management
  • Allows us to keep track of where all these systems are, what data is on them and managing different aspects of mobile devices
40
Q

FDE

A
  • Full-Disk Encryption
41
Q

SED

A
  • Self encrypting Drives
42
Q

DLP

A
  • Data Loss Prevention
43
Q

OWASP

A
  • Application Security Verification Standard
  • Great way to ensure company is deploying secure code
44
Q

CIS

A
  • Focuses more on systems and networks than on internally developed code
45
Q

Thin clients

A
  • Main benefit, you can eliminate local storage, forcing storage on the server which enables you to easily monitor for changes to programs / files
46
Q

ISO 27001 vs ISO 27002

A
  • 27001 document is a standard that you can have your organization certified against
  • 27002 list of security controls and best practices you can implement to meet the afore mentioned requirements
  • 27002 provides a guideline and can be used by any organization looking to improve its security posture
47
Q

Privacy Threshold Assessment vs Privacy Impact Assessment

A
  • PTA: Simply used to determine whether there are any information privacy risks associated with a program performing while in use and if it needs to comply with privacy protection regulations
  • PIA: enumerates the PII collected by a company and demonstrates the maintenance, security, and sharing techniques that will be used to ensure compliance and avoid risk.
48
Q

Site to Site VPN

A
  • Allows both sites to always remain visible to each other
  • The connection b/n the two offices would be secure and seamless to end users
  • good for remote works
49
Q

SSL VPN

A
  • Requires that each computer have a VPN client installed and all users have their own VPN username and password
50
Q

Round robin

A
  • A way to configure a load balancer
  • each request goes to the next sever
  • ensures all servers getting the same load across everyone communicating on the network
  • Also weight and dynamic round robin
  • Type of active/ active
  • Not good if a user requires the same server each time
51
Q

PEAP

A
  • The Protected Extensible Authentication Protocol (PEAP) encapsulates Extensible Authentication Protocol (EAP) within a TLS tunnel and uses certificates for authentication.
52
Q

EAP FAST

A

Extensible Authentication Protocol - Flexible Authentication via Secure Tunneling (EAP-FAST) is a Cisco proprietary extension of EAP that uses Protected Access Credentials (PACs) to establish a TLS tunnel. Certificates are optional with EAP-FAST.

53
Q

EAP TLS

A

Extensible Authentication Protocol - Transport Layer Security (EAP-TLS), supports certificate-based mutual authentication and key derivation. EAP-TLS requires both a server and client-side certificate.

54
Q

EAP TTLS

A

Extensible Authentication Protocol - Tunneled Transport Layer Security (EAP-TTLS) is an extension to EAP-TLS. In EAP-TTLS the client does not have to be initially authenticated by a certificate to the server, simplifying setup. After initial authentication the server can authenticate the client using existing and legacy authentication protocols through the secure certificate-based TLS tunnel.