Ch. 4 - Network Security Flashcards
What port number does File Transfer Protocol (FTP) use?
21
What port number does Telnet use?
23
What port number for Secure Shell (SSH)?
22
What port does Simple Mail Transfer Protocol (SMTP) use?
25
What port does Time Protocol use?
123
What port number does Domain Name Service use?
53
What port number does HTTP and HTTPS use?
80 and 443
What port number does LDAP and LDAPS use?
389 and 636
Port 21?
FTP - File Transfer Protocol
Port 22?
Secure Shell (SSH)
Port 23?
Telnet
Port 25?
SMTP - Simple Mail Transfer Protocol
Port 53?
DNS - Domain Name System
Port 80?
HTTP - Hypertext Transfer Protocol
Port 123?
NTP - Network Time Protocol
Port 389?
LDAP - Lightweight Directory Access Protocol
Port 443?
HTTPS - Hypertext Transfer Protocol Secure
Port 636?
LDAPS - Lightweight Directory Access Protocol Secure
A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services)
that can be rapidly provisioned and released with minimal management effort or service provider interaction.
A. Virtualization
B. On-Premises Computing
C. Cloud Computing
D. Virtual Desktop Interface (VDI)
C. Cloud Computing
Source: NIST 800-145
A system in which the cloud infrastructure is provisioned for exclusive use by a specific community of consumers from organizations that have shared concerns (e.g., mission, security requirements, policy and compliance considerations). It may be owned, managed and operated by one or more of the organizations in the community, a third party or some combination of them, and it may exist on or off premises.
A. Community Cloud
B. Public Cloud
C. Hybrid Cloud
D. Private Cloud
A. Community Cloud
Source: NIST 800-145
The prevention of authorized access to resources or the delaying of time-critical operations. (Time-critical may be milliseconds or it may be hours, depending upon the service provided.) Typically, a one-to-one attack.
A. Denial-of-Service (DoS)
B. Phishing
C. Snarfing
D. Man-in-the-Middle
A. Denial-of-Service (DoS)
NIST SP 800-27 Rev A
The process and act of converting the message from its plaintext to ciphertext.
A. Decryption
B. Decapsulation
C. Encapsulation
D. Encryption
D. Encryption
The internet protocol (and program) used to transfer files between hosts.
File Transfer Protocol (FTP)
Port 21
A combination of public cloud storage and private cloud storage where some critical data resides in the enterprise’s private cloud while other data is stored and accessible from a public cloud storage provider.
A. Community Cloud
B. Public Cloud
C. Hybrid Cloud
D. Private Cloud
C. Hybrid Cloud
The provider of the core computing, storage and network hardware and software that is the foundation upon which organizations can build and then deploy applications. It’s popular in the data center where software and servers are purchased as a fully outsourced service and usually billed on usage and how much of the resource is used.
A. Platform as a Service (PaaS)
B. Infrastructure as a Service (IaaS)
C. Database as a Service (DaaS)
D. Software as a Service (SaaS)
B. Infrastructure as a Service (IaaS)
An attack where the adversary positions himself in between the user and the system so that he can intercept and alter data traveling between them.
A. Mantrap
B. Piggybacking
C. Man-in-the-Middle
D. Mancave
C. Man-in-the-Middle
Security standards that apply to merchants and service providers who process credit or debit card transactions.
A. PII
B. PCI DSS
C. HIPAA
D. DIA
B. Payment Card Industry Data Security Standard (PCI DSS)
The web-authoring or application development middleware environment that allows applications to be built in the cloud.
A. Platform as a Service (PaaS)
B. Infrastructure as a Service (IaaS)
C. Database as a Service (DaaS)
D. Software as a Service (SaaS)
A. Platform as a Service (PaaS)
The phrase used to describe a cloud computing platform that is implemented within the corporate firewall, under the control of the IT department. It’s designed to offer the same features and benefits of cloud systems, but removes a number of objections to the cloud computing model, including control over enterprise and customer data, worries about security, and issues connected to regulatory compliance.
A. Community Cloud
B. Public Cloud
C. Hybrid Cloud
D. Private Cloud
D. Private Cloud
The cloud infrastructure is provisioned for open use by the general public. It may be owned, managed, and operated by a business, academic, or government organization, or some combination of them. It exists on the premises of the cloud provider.
A. Community Cloud
B. Public Cloud
C. Hybrid Cloud
D. Private Cloud
B. Public Cloud
Source: NIST SP 800-145
The standard communication protocol for sending and receiving emails between senders and receivers.
Simple Mail Transport Protocol (SMTP)
Port 25
The cloud customer uses the cloud provider’s applications running within a cloud infrastructure. The applications are accessible from various client devices through either a thin client interface, such as a web browser or a program interface. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, storage, or even individual application capabilities, with the possible exception of limited user-specific application capabilities with the possible exception of limited user-specific application capabilities configuration settings.
A. Platform as a Service
B. Infrastructure as a Service
C. Database as a Service
D. Software as a Service
D. Software as a Service
Source: NIST SP 800-145
Removing the design belief that the network has any trusted space. Security is managed at each possible level, representing the most granular asset.
A. Zero Trust
B. Zero Day
C. Zero Access
D. Zero Tolerance
A. Zero Trust
