Ch8 Secure Applications and Protocols Flashcards

1
Q

HTTPS uses ___ for encryption

A

Transport Layer Security (TLS)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

___ was originally developed to encrypt websites, but is now used by many applications and protocols

A

Transport Layer Security (TLS)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Secure Sockets Layer (SSL) was developed by Netscape in the ‘90’s, but was later usurped by ___

A

Transport Layer Security (TLS)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

TLS uses ___ for authentication

A

RSA

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

the OSI seven-layer model contains the following layers:

A

Physical; Data Link; Network; Transport; Session: Presentation; Application

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

the TCP network model contains the following 4 layers:

A

Network Interface; Internet; Transport; Application

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

the IPv4 address ranges dedicated to private networks include:

A
  1. 0.0.0 - 10.255.255.255
  2. 16.0.0 - 73.31.255.255
  3. 168.0.0 - 192.168.255.255
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

a link local IPv6 address will always begin with ___

A

FE80

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

___ is a connection-oriented protocol which uses a 3-way handshake and can transport a large number of packets of data

A

TCP (Transmission Control Protocol)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

___ is a transport protocol that can send a large number of packets quickly because there is no confirmation of reciept

A

UDP (User Datagram Protocol)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

___ is a transport protocol that sends one packet at a time, usually for maintenance purposes

A

ICMP (Internet Control Message protocol)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

TCP Ports 20 - 21

A

FTP/FTPS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

TCP Port 22

A

FTP/SFTP/SSH (secure remote shell)/SCP (secure copy)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

TCP Port 23

A

Telnet remote shell

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

TCP Port 25

A

SMTP (mail send)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

TCP Port 49

A

TACACS Plus - secure authentication/authorization

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

TCP Port 53

A

DNS - Domain Name System

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

TCP Port 80

A

HTTP (unsecured)

19
Q

TCP Port 110

A

POP - mail receive

20
Q

TCP Ports 137-139

A

Netbios (Microsoft file transfer)

21
Q

TCP Port 143

A

IMAP - Internet Message Access Protocol - mail receive

22
Q

TCP Port 389

A

LDAP - lightweight directory access protocol

23
Q

TCP Port 443

A

HTTPS

24
Q

TCP Port 445

A

SMN - Server Message Block - file transfer

25
Q

TCP Port 3389

A

RDP - remote desktop

26
Q

UDP Port 67-68

A

DHCP - dynamic IP

27
Q

UDP Port 69

A

TFTP - Trivial FTP

28
Q

UDP Port 161-162

A

SNMP - network control

29
Q

TCP Port 465

A

SMTP with SSL encryption

30
Q

TCP Port 587

A

SMTP with TLS encryption

31
Q

TCP Port 993

A

IMPA with TLS encryption

32
Q

TCP Port 995

A

POP with TLS encryption

33
Q

switching from DNS to DNSSEC will require ___

A

upgrading the physical server

34
Q

for protection, servers should generally be placed within the ___ of the network

A

DMZ

35
Q

to relieve the burden of encryption/decryption, individual servers can be equipped with an ___, or it can be handled by a dedicated box

A

SSL Accelerator

36
Q

a ___ can not only make a network run more efficiently, but also protect against DDoS attacks

A

Load Balancer

37
Q

a Load Balancer on a network will often also have a ___ to protect against Distributed Denial of Service attacks

A

DDoS Mitigator

38
Q

the ___ model for code development is generally considered too linear and rigid for today’s business environment, and is being replaced by the ___ model

A

waterfall; agile

39
Q

in an agile work environment, short meetings called __ are used to expedite production objectives called ___

A

scrums; sprints

40
Q

___ analyze the text of code looking for syntax and other common errors

A

static analyzers

41
Q

in ___ code is run, and is analyzed for memory leaks and database query problems

A

dynamic analysis

42
Q

in testing Code, ___ is where a real-world environment is created in a sandbox and stress applied to the syste

A

staging

43
Q

in testing Code, ___ is where the code is reviewed to confirm that it still meets the original the original specs and criteria

A

Model Verification