Ch3: Exploring Network Technologies and Tools Flashcards

1
Q

SSH

A

(Secure shell) Encrypts traffic over TCP port 22

2
Q

Replacement for SSL

A

TLS (Transport Layer Security)

3
Q

SFTP

A

Secure FTP uses SSH to encrypt traffic

4
Q

FTPS

A

FTP Secure uses TLS to encrypt traffic

5
Q

Vulnerability compromising SSL

A

POODLE (padding oracle on downgraded legacy encryption)

6
Q

SMTP

A

Simple mail transfer protocol transfers email between clients and SMTP servers (TCP port 25)

7
Q

POP3

A

Post Office Protocol v3 transfers email from servers down to clients (TCP port 110)

8
Q

Secure POP3

A

Secure POP3 encrypts POP3 with SSL or TLS

9
Q

IMAP4

A

Internet Message Access Protocol v4 stores email on an email server, allowing a user to organize and manage email in folders on the server (TCP port 143)

10
Q

HTTP

A

Hypertext Transfer Protocol transmits web traffic on the Internet (TCP port 80)

11
Q

HTTPS

A

Encrypted web traffic via SSL or TLS (TCP port 443)

12
Q

STARTTLS

A

allows an encrypted version of the protocol to use the same port as the unencrypted version

13
Q

Admins connect to servers remotely using…

A

Protocols such as SSH and RDP, or VPNs in some cases

14
Q

Private/unroutable IP addresses are specified in

A

RFC 1918

15
Q

Private/unroutable IP addresses

A

10.x.x.x, 172.16.x.x - 172.31.x.x, 192.168.x.x

16
Q

IPv4 and IPv6 address widths (in bits)

A

32-bit addresses (4 groups of decimal digits 0-255) and 128-bit addresses (8 groups of 4 hex digits)

17
Q

DNS A record

A

Host record, which holds the host name and IPv4 address. (most commonly used record in a DNS server)

18
Q

DNS AAAA record

A

Host record for IPv6, which holds the host name and IPv6 address

19
Q

DNS zones

A

Zones are like databases that contain the DNS data in multiple records, like A and AAAA records.

20
Q

DNS ports

A

TCP 53 for zone transfers, UDP 53 for client queries

21
Q

DNS Zone Transfer

A

The process of DNS servers sharing information with each other

22
Q

Most DNS servers run…

A

BIND software on Unix/Linux

23
Q

Most DNS servers are configured to…

A

only use secure zone transfers

24
Q

DNS (cache) poisoning is

A

when attackers modify the DNS cache with a bogus IP address

25
Q

To prevent DNS poisoning, use…

A

DNSSEC (DNS Security Extensions), which uses digital signatures to validate responses

26
Q

Cmd-line tools to test DNS

A

Nslookup (Microsoft) and dig (Linux)

27
Q

IANA

A

Internet Assigned Numbers Authority maintains a list of official port assignments

28
Q

IANA 3 Port Ranges

A

0-1023: well-known ports
1024-49,151: registered ports (companies, i.e. SQL server)
49,152-65,535: dynamic and private

29
Q

Port vs. protocol number

A

Port is the logical OS-defined connection endpoint associated with a service. Protocol number identifies the specific protocol as defined by IP (e.g. IPv4 header)

30
Q

Switch vs. router

A

Switch connects hosts together within a network. Router connects networks together to create a larger network

31
Q

(Switch) Port security includes

A

disabling unused ports, limiting the number of MAC addresses per port. Advanced implementations restrict each physical port to a single specific MAC

32
Q

Loop protection protects against…

A

switching loop problems, like when 2 ports of a switch are connected together

33
Q

STP, RSTP are

A

loop protection protocols (spanning tree protocol, rapid STP)

34
Q

Routers and stateless firewalls perform basic filtering with…

A

ACLs to identify what traffic is allowed and what is blocked

35
Q

An ACL can control traffic based on…

A

networks, subnets, IP addresses, ports, and some protocols

36
Q

Implicit deny

A

Blocks all accesses that have not been explicitly granted

37
Q

Antispoofing methods…

A

Block traffic based on ACL rules

38
Q

xtables

A

Tables for firewalls (like ACLs) including iptables, ip6tables, arptables, etc.

39
Q

Host-based firewall

A

Provides protection for individual hosts, like servers or workstations

40
Q

Network-based firewall

A

Dedicated servers or appliances that provide protection for the network

41
Q

To enforce an implicit deny strategy, firewalls use a…

A

Deny any any, deny any, or drop all statement at the end of the ACL

42
Q

WAF

A

Web application firewall provides strong protection for a web server

43
Q

Stateless firewall

A

Blocks traffic using an ACL

44
Q

Stateful firewall

A

Blocks traffic based on the state of the packet within a session

45
Q

DMZ

A

Demilitarized zone is a buffer zone between the Internet and an internal network (e.g. between two firewalls…one protecting DMZ from Internet and the other protecting intranet from DMZ)

46
Q

NAT

A

Network Address Translation translates public IP addresses to private IP addresses, and vice versa

47
Q

Common form of NAT

A

Port address translation (PAT)

48
Q

Static NAT

A

Uses a single public IP address in a one-to-one mapping

49
Q

Dynamic NAT

A

Uses multiple public IPs in a one-to-many mapping, based on load

50
Q

VLANs

A

Virtual LANs separate or segment traffic on physical networks. You can create multiple VLANs with a single Layer 3 switch. VLANs can logically group several different computers together

51
Q

Proxy server

A

Forwards requests for services from a client, providing caching to improve performance and reduce Internet bandwidth usage (outgoing, for clients)

52
Q

Transparent proxy servers

A

Use URL filters to restrict access to certain sites and can log user activity

53
Q

Reverse proxy

A

Accepts requests from the Internet on behalf of a web server (incoming, for web servers). Can sit in a DMZ for increased security and load balancing

54
Q

UTM appliance

A

A Unified Threat Management appliance combines multiple security controls into a single appliance. UTM appliances can inspect data streams, filter URLs, and inspect malware and content. Many include DDoS mitigators

55
Q

SNMPv3

A

Simple Network Management Protocol v3 manages and monitors network devices using UDP ports 161 and 162. Includes strong authentication mechanisms, and is more secure than previous versions