Chapter 3 Concepts Flashcards
To understand concepts listed in Chapter 3 of Security+ book
Transmission Control Protocol
Transmission control protocol provides connection-oriented traffic (or guaranteed delivery). TCP uses a 3-way handshake to guarantee delivery. Client sends a SYN packet, server responds with a SYN/ACK packet, client responds with ACK packet to finish handshake.
User Datagram Protocol
User datagram protocol provides connectionless (or best effort) traffic. The ping command and audio/video streaming use UDP.
Internet Protocol
The internet protocol identifies hosts in a TCP/IP network and delivers traffic from one host to another using IP addresses. IPv4 uses 32 bit address and IPv6 uses 128 bit address
Internet Control Message Protocol
Internet control message protocol is used for testing basic connectivity and includes tools such as ping, pathping, and tracert.
Address Resolution Protocol
Address resolution protocol resolves IPv4 addresses to media access control (MAC) address. TCP/IP uses the IP address to get the packet to the correct network, but once it arrives on the network, it uses the MAC or ARP to get the packet to the correct host.
Real-Time Transport Protocol (RTP)
Real-time transport protocol is used to deliver audio and video over IP networks.
Secure Real-Time Transport Protocol (SRTP)
Secure real-time transport protocol provides encryption, message authentication, and integrity for real-time transport protocol.
File Transfer Protocol (FTP)
File transfer protocol uploads and downloads large files to and from an FTP server. FTP transmits data in cleartext. FTP active mode uses TCP port 21 for control signals and TCP port 20 for data. FTP passive mode uses TCP port 21 for signals but a random TCP port for data.
Trivial File Transfer Protocol (TFTP)
Trivial file transfer protocol use UDP port 69 and is used to transfer smaller amounts of data such as when communicating with network devices.
Secure Shell (SSH)
Secure shell (SSH) encrypts traffic in transit and can be used to encrypt other protocols such as FTP. When SSH encrypts traffic it uses TCP port 22.
Secure Sockets Layer (SSL)
Secure sockets layer (SSL) protocol was the primary method to secure HTTP traffic. It has been compromised and is not recommended for use.
Transport Layer Security (TLS)
Transport layer security (TLS) is the designated replacement for SSL.
IPsec
Internet protocol security (IPsec) is used to encrypt IP traffic. It is native to IPv6 but also works with IPv4. IPsec includes an Authentication Header (AH) using protocol ID number 51 and Encapsulation Security Payload (ESP) using protocol ID number 50. It uses the Internet Key Exchange (IKE) over UDP port 500 to create a security association for VPN.
Secure File Transfer Protocol (SFTP)
Secure file transfer protocol (SFTP) is a secure implementation of file transfer protocol (FTP). It is an extension of SSH to transmit files in an encrypted format. SFTP transmits data using TCP port 22
File Transfer Protocol Secure (FTPS)
File transfer protocol secure is an extension of file transfer protocol (FTP) and uses transport layer security (TLS) to encrypt FTP traffic. FTPS can use TCP port 989 and 990 or FTP ports 20 and 21.
