Chapter 3: Exploring Network Technologies and Tools Flashcards

1
Q

What does ARP stand for and what does it do?

A

Address Resolution Protocol: Resolves IPv4 addresses to media access control (MAC) addresses.

See page 74 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

2
Q

What does RTP stand for and what is its function?

A

Real-time Transport Protocol: Delivers audio (voice) and video over IP networks. This would include voice over IP communications, streaming media, video teleconferencing, and devices that use web-based push-to-talk features.

See page 74 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

3
Q

What does SRTP stand for and what is its function?

A

Secure Real-time Transport Protocol: Provides encryption, message authentication, and integrity for RTP. This protocol protects against replay attacks.

See page 74 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

4
Q

What does SIP stand for and what is its function?

A

Session Initiation Protocol: Used to initiate, maintain, and terminate voice, video, and messaging sessions. After SIP establishes the session, RTP or SRTP transports the audio or video.

See page 74 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

5
Q

What does FTP stand for, its function, and what ports are used?

A

File Transfer Protocol: Used to upload, download, and transfer files to and from an FTP server in clear text.

FTP active mode uses TCP 21 for control signals and 20 for data
FTP passive (PASV) mode uses TCP 21 for control signals and a random port for data

See page 75 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

6
Q

What does TFTP stand for, its function, and what ports are used?

A

Trivial File Transfer Protocol: Used to transfer smaller amounts of data (i.e. communicating with network devices) within a network in clear text and not over the internet.

TFTP uses UDP port 69

See page 75 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

7
Q

What does SSH stand for, what is its function, and what ports are used?

A

Secure Shell: Provides encryption for traffic over the internet and is used to encrypt other protocols such as FTP (SFTP).

SSH uses TCP port 22 for encrypted traffic

See pages 75, & 76 - 77 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

8
Q

What does SCP stand for and what is its function?

A

Secure Copy: Based on SSH and used to copy encrypted files over a network.

See page 75 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

9
Q

What does SSL stand for, what is its function, and what ports are used?

A

Secure Socket Layer: Used to encrypt HTTPS traffic, and other protocols such as LDAP and SMTP. It has since been deprecated due to vulnerabilities and replaced by TLS.

Ports used with SSL depend on the protocol it is encrypting; however, it is not recommended that SSL is used because it has known vulnerabilities.

See pages 75 & 76 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

10
Q

What does TLS stand for, what is its function, and what ports are used?

A

Transport Layer Secure: Replaced SSL. Provides encryption for HTTPS traffic and is used to encrypt other protocols such as FTP (FTPS).

Many protocols that support TLS use STARTTLS which upgrades an unencrypted connection to an encrypted connection on the same port.

Ports used with TLS depend on the protocol it is encrypting.

See pages 75 & 76 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

11
Q

What does IPSec stand for, what is its function, and what ports are used?

A

Internet Protocol Security: is used to encrypt IP traffic (IPv6 & IPv4) by encapsulating and encrypting IP packet/payload and uses tunnel mode to protect VPN traffic.

IPsec uses the Internet Key Exchange (IKE) over UDP port 500 to create a security association for VPN.

See pages 75, 128, & 129 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

12
Q

What are the two main components of IPsec and their protocol ID (think in terms of the CIA triad)?

A

Authentication Header (AH): IPsec AH allows each of the IPsec conversation hosts to authenticate with each other before exchanging data. AH provides authentication and integrity.

AH uses protocol ID 51.

Encapsulating Security Payload (ESP): IPsec ESP encrypts data and provides confidentiality. ESP includes an AH and provides confidentiality, authentication, and integrity.

ESP uses protocol ID 50

See pages 75, 128, & 129 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

13
Q

What does SFTP stand for, what is its function, and what ports are used?

A

Secure File Transfer Protocol: Uses SSH to encrypt FTP.

SFTP uses TCP port 22 to transmit data

See page 75 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

14
Q

What does FTPS stand for, what is its function, and what ports are used?

A

File Transfer Protocol Secure: Is an extension of FTP and uses TLS to encrypt FTP traffic.

FTPS can use TCP port 21 (control signal) and TCP port 20 (data). Also, some implementations of FTPS use TCP ports 989 and 990.

See page 76 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

15
Q

What does SMTP stand for, what is its function, and what ports are used?

A

Simple Mail Transfer Protocol: Sends emails between client and SMTP server.

SMTP uses TCP port 25 for unencrypted emails
SMTP uses TCP port 587 for encrypted emails using TLS

See page 76 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

16
Q

What does POP3 stand for, what is its function, and what ports are used?

A

Post Office Protocol version 3: Transfers email from servers down to clients.

POP3 uses TCP port 110 for unencrypted connections
Secure POP uses TCP 995 for encrypted connections

See page 76 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

17
Q

What does IMAP4 stand for, what is its function, and what ports are used?

A

Internet Message Access Protocol version 4: Used to store emails on the email server, as well as allow users to manage and organize emails in folders on the server.

IMAP4 uses TCP port 143 for unencrypted connections
Secure IMAP uses TCP port 993 for encrypted connections

See page 76 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

18
Q

What does HTTP stand for, what is its function, and what ports are used?

A

Hyper Text Transfer Protocol: Transmits web traffic on the internet and on intranets in clear text. Hyper Text Markup Language (HTML) is used to display webpages.

HTTP uses TCP port 80

See page 77 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

19
Q

What does HTTPS stand for, what is its function, and what ports are used?

A

Hyper Text Transfer Protocol Secure: Encrypts web traffic using TLS (commonly displayed as HTTP over SSL/TLS).

HTTPS uses TCP 443

See page 77 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

20
Q

What does LDAP stand for, what is its function, and what ports are used?

A

Lightweight Directory Access Protocol: Specifies the formats and methods used to query directories, such as Microsoft Active Directory Domain Service.

LDAP uses TCP port 389 for unencrypted connections
LDAP Secure (LDAPS) uses TCP port 636 using TLS

See page 77 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

21
Q

What does RDP stand for, what is its function, and what ports are used?

A

Remote Desktop Protocol: Used to connect to other systems from a remote location.

RDP uses either TCP port 3389 (more common) or UDP 3389. Port 3389 is normally blocked on a host-based or network-based firewall.

SSH can also be used to access systems remotely. Telnet has since been deprecated due to known vulnerabilities.

See pages 77 & 78 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

22
Q

What is OpenSSH?

A

OpenSSH: Tools that simplify the use of SSH to connect to remote servers securely.

See pages 78 & 79 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

23
Q

What are the SSH commands used to generate a key pair and copy the public key to a remote server for authentication?

A

ssh-keygen: This command generates two key files, one being a public key and the other a private key
ssh-copy-id: This command copies the public key to the server to be used for authentication for future logins

See pages 78 & 79 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

24
Q

What does NTP stand for and what is its function?

A

Network Time Protocol: Most commonly used protocol for time synchronization.

See page 79 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

25
Q

What does DHCP stand for and what is its function?

A

Dynamic Host Configuration Protocol: DHCP dynamically assigns IP addresses along with other TCP/IP information such as the subnet mask, default gateway, DNS server addresses, and much more.

See page 79 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

26
Q

What is the function of DHCP Snooping and how does it work?

A

DHCP Snooping's primary function is to prevent unauthorized DHCP servers (rogue DHCP servers) from operating on a network.

When DHCP Snooping is enabled on a switch, all DHCP discover messages (the client's broadcast lease messages) are sent only to the trusted port(s) hosting an authorized DHCP server, rather than to all the ports on a switch as happens when DHCP Snooping is not enabled.

See page 80 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

27
Q

“A” is what type of DNS record?

A

“A” records hold the hostname and its IPv4 address. It is also called a host record.

See page 81 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

28
Q

AAAA is what type of DNS record?

A

AAAA records hold the hostname and its corresponding IPv6 address.

See page 81 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

29
Q

How do PTR records function in DNS?

A

Pointer (PTR) records allow for backward lookup (i.e., querying DNS with an IP address to produce a hostname).

See page 81 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

30
Q

What is an MX record in DNS?

A

Mail exchange (MX) records identify mail servers for emails. When there is more than one mail server in an MX record, the server with the lowest preference number is the primary mail server.

See page 81 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

31
Q

What is a CNAME record in DNS?

A

Canonical name (CNAME) records allow for a single system to have multiple names associated with its single IP address.

See page 81 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

32
Q

What is an SOA record in DNS?

A

Start of Authority (SOA) records include information on DNS zones and some of their settings. For example, they include TTL (time to live) which indicates how long a record pulled from DNS should be cached.

See page 81 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

33
Q

What is a DNS zone transfer? What are the ports used for transfers and client queries?

A

DNS zone transfer is the act of transferring DNS records from one DNS database to another.

DNS transfers use TCP port 53

Client queries to DNS use UDP port 53

See page 81 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

34
Q

What is the function of DNSSEC and what port does it use?

A

DNSSEC adds a Resource Record Signature (RRSIG), also known as a digital signature, to DNS replies, which provides data integrity and authentication and helps prevent DNS poisoning attacks.

DNSSEC uses TCP and UDP 53.

See page 81 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

35
Q

What is the function of Nslookup and dig? Which OS do they belong to?

A

The Nslookup and dig tools help to test DNS functionality and its ability to map hostnames to IP addresses, as well as to troubleshoot problems related to DNS.

Nslookup is native to Windows systems
Dig is native to Linux systems

See page 82 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

36
Q

What are STP and RSTP, and what are two common attacks they prevent?

A

Spanning Tree Protocol (STP) and its newer version Rapid Spanning Tree Protocol (RSTP) are enabled on switches to prevent broadcast storms and switch loop or bridge loop attacks.

See page 85 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

37
Q

What does BPDU stand for and what is its function?

A

Bridge Protocol Data Units are messages sent by STP in a network to detect loops on switches. Switches exchange BPDU messages with each other using their non-edge ports. When loops are detected, STP shuts down or blocks traffic from switch ports sending redundant traffic.

See pages 85 & 86 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

38
Q

What are ACLs and what is their function on a router?

A

Access control lists are rules implemented on routers (and on firewalls) to identify what traffic to allow or block.

ACLs do so by filtering packets based on IP address, ports, and protocols (ICMP or IPSec - based on protocol numbers), and using implicit deny.

See page 86 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

39
Q

What is the function of the Route command?

A

The Route command is used to display or modify a system’s routing table on both Windows and Linux systems. The Route command can also be used to verify route security.

See page 87 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

40
Q

What is the function of the Route Print command?

A

Route Print lists all the system’s known paths to other networks.

See page 87 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

41
Q

What is the function of the Route Add command?

A

The Route Add command adds a path to a different network.

See page 87 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

42
Q

What is the difference between stateful and stateless firewalls?

A

Stateless firewalls use rules outlined in the ACL to allow or block network packets by filtering packets based on features like IP, protocol (to include protocol ID numbers), and ports.

Stateful firewalls inspect network traffic and make decisions on the traffic based on the context or state of the traffic within a session.

See page 89 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

43
Q

What does WAF stand for and what is its function?

A

Web Application Firewalls are specifically designed to protect a web application. A web server hosts the web application, and the WAF is placed between the web server and the web server client. It can also protect the web server from cross-site scripting (XSS) attacks.

See page 89 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

44
Q

What is an NGFW?

A

A Next Generation Firewall is an advanced firewall that has additional capabilities that are not seen in first-generation (stateless) and second-generation (stateful) firewalls.

It performs deep packet inspection, adding application-level inspection as a core feature.

See page 89 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

45
Q

What does NAT stand for, and what is its function and types?

A

Network Address Translation (NAT) is used to convert public IP addresses to private IP addresses and vice versa.

NAT can either be static (one-to-one public address mapping) or dynamic (one-to-many public address mapping or multiple public addresses map to a single private address).

See page 90 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

46
Q

What does VLAN stand for and what is its function?

A

A Virtual Local Area Network allows for the logical grouping of several different types of computers or separating (segmenting) them without regard to their physical location.

VLANs are also used to separate traffic types such as voice traffic on one VLAN and data traffic on another VLAN.

See page 93 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

47
Q

What is the difference between a Transparent Proxy versus a Non-transparent Proxy?

A

A transparent proxy accepts and forwards clients’ requests without modifying them. In contrast, a non-transparent proxy can modify and filter users’ requests (i.e., URL filtering).

See page 95 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

48
Q

What is the difference between a forward proxy and a reverse proxy?

A

A forward proxy handles internal network client requests to access the internet, while a reverse proxy receives requests over the internet to access internal resources (typically web pages from a web server).

See pages 94 & 95 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

49
Q

What does UTM stand for and what are common security features of it?

A

A Unified Threat Management system is a single solution that combines multiple security controls.

Common security features are URL filtering (acts like a proxy), malware inspection, content inspection (to include files, streaming audio, and video), and a DDoS mitigator.

See pages 96 & 97 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

50
Q

What is a Jump Server?

A

A jump server is a hardened server used to access and manage devices in another network with a different security zone (i.e., accessing servers in a screened subnet or a remote server).

See page 97 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

51
Q

What does SNMPv3 stand for, what is its general function, and what ports are used?

A

Simple Network Management Protocol version 3 monitors and manages network devices, such as routers or switches. This includes modifying network device configurations or having the device report status back to a central network management system. SNMPv3 encrypts credentials.

SNMPv3 uses UDP ports 161 and 162

See page 98 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study

52
Q

What ports are used for DNS zone transfers and name resolution queries of DNS?

A

DNS zone transfers use TCP port 53

Name resolution queries of DNS use UDP port 53

See page 81 of CompTIA Security+ SY0-601: Get Certified Get Ahead by Darril Gibson for an in-depth study