Chapter 12 - Network Security

Question 1

Advanced Encryption Standard (AES)

Answer 1

Released in 2001, AES is typically considered the preferred symmetric encryption algorithm. AES is available in 128-bit key, 192-bit key, and 256-bit key versions.

Question 2

Asymmetric encryption

Answer 2

With asymmetric encryption, the sender and receiver of a packet use different keys.

Question 3

Authentication Header (AH)

Answer 3

An IPsec protocol that provides authentication and integrity services. However, it does not provide encryption services.

Question 4

Buffer overflow

Answer 4

This attack occurs when an attacker leverages a vulnerability in an application, causing data to be written to a memory area (that is, a buffer) that’s being used by a different application.

Question 5

Challenge-Response Authentication Mechanism Message Digest 5 (CRAM-MD5)

Answer 5

A common variant of HMAC frequently used in e-mail systems. Like CHAP, CRAM-MD5 only performs one-way authentication (the server authenticates the client).

Question 6

Denial of service (DoS)

Answer 6

A DoS attack floods a system with an excessive amount of traffic or requests, which consumes the system’s processing resources and prevents the system from responding to many legitimate requests.

Question 7

Distributed denial of service (DDoS)

Answer 7

These attacks can increase the amount of traffic flooded to a target system. Specifically, an attacker compromises multiple systems, and those compromised systems, called zombies, can be instructed by the attacker to simultaneously launch a DDoS attack against a target system.

Question 8

Encapsulating Security Payload (ESP)

Answer 8

An IPsec protocol that provides authentication, integrity, and encryption services.

Question 9

FTP bounce

Answer 9

Use FTP PORT command to open a connection on FTP server to attack.

Question 10

Generic Routing Encapsulation (GRE)

Answer 10

A tunneling protocol developed by Cisco Systems that can encapsulate a wide variety of network layer protocol packet types inside IP tunnels. This creates a virtual point-to-point link to various brands of routers at remote points over an Internet Protocol (IP) internetwork.

Question 11

GNU privacy guard (GPG)

Answer 11

A free variant of pretty good privacy (PGP), which is an asymmetric encryption algorithm.

Question 12

Internet Key Exchange (IKE)

Answer 12

A protocol used to set up an IPsec session.

Question 13

Internet Security Association and Key Management Protocol (ISAKMP)

Answer 13

Negotiates parameters for an IPsec session.

Question 14

IP Security (IPsec)

Answer 14

A type of VPN that provides confidentiality, integrity, and authentication.

Question 15

Kerberos

Answer 15

A client-server authentication protocol that supports mutual authentication between a client and a server. Kerberos uses the concept of a trusted third party (a key distribution center) that hands out tickets to be used instead of a username and password combination.

Question 16

Pretty good privacy (PGP)

Answer 16

PGP is a widely deployed asymmetric encryption algorithm and is often used to encrypt e-mail traffic.

Question 17

Public key infrastructure (PKI)

Answer 17

A PKI system uses digital certificates and a certificate authority to allow secure communication across a public network.

Question 18

Remote Authentication Dial-In User Service (RADIUS)

Answer 18

A UDP-based protocol used to communicate with a AAA server. Unlike TACACS+, RADIUS does not encrypt an entire authentication packet, but only the password. However, RADIUS offers more robust accounting features than TACACS+. Also, RADIUS is a standards-based protocol, whereas TACACS+ is a Cisco proprietary protocol.

Question 19

RSA

Answer 19

A popular and widely deployed asymmetric encryption algorithm.

Question 20

Single sign-on (SSO)

Answer 20

Allows a user to authenticate once to gain access to multiple systems, without requiring the user to independently authenticate with each system.

Question 21

Stateful firewall

Answer 21

Inspects traffic leaving the inside network as it goes out to the Internet. Then, when returning traffic from the same session (as identified by source and destination IP addresses and port numbers) attempts to enter the inside network, the stateful firewall permits that traffic. The process of inspecting traffic to identify unique sessions is called stateful inspection.

Question 22

Symmetric encryption

Answer 22

With symmetric encryption, both the sender and the receiver of a packet use the same key (a shared key) for encryption and decryption.

Question 23

Unified threat management (UTM)

Answer 23

A firewall or gateway that attempts to bundle multiple security functions into a single physical or logical device.

Question 24

Virtual private network (VPN)

Answer 24

Some VPNs can support secure communication between two sites over an untrusted network (for example, the Internet).