Chapter 3 - Implementation Flashcards
Domain Name System Security Extensions (DNSSEC)
Validates DNS responses such as origin authentication and data integrity
Prevents attackers from manipulating or poisoning the responses to DNS requests
Secure Shell (SSH)
An encrypted terminal communication that provides secure terminal communication and file transfer features
Secure/ Multipurpose Internet Mail Extensions (S/MIME)
Keep emails confidential
Allows to protect information and provide digital signatures
Secure Real-time Transport Protocol (SRTP)
Take normal conversation across the network and add encryption so nobody can listen to your conversation
Uses AES
HMAC-SHA1
Lightweight Directory Access Protocol Over SSL (LDAPS)
Used for reading and writing directories over an Internet Protocol network
Uses SSL and/ or Simple Authentication and Security Layer (SASL)
File Transfer Protocol, Secure (FTPS)
Transferring files securely between devices
Uses SSL for encryption
SSH File Transfer Protocol (SFTP)
Provides secure file system functionality
Resuming interrupted transfers, directory listings, remote file removal
Uses SSH for encryption
Simple Network Management Protocol, Version 3 (SNMPv3)
Used for security when querying routers and switches
Provides confidentiality, integrity, and authentication
Hypertext Transfer Protocol over SSL/TLS (HTTPS)
Secure version of HTTP
Used for making sure our browser communication is running over an encrypted connection
IPSec
Communicating between two locations across the internet in a secure form - encryption and packet signing (integrity)
IPSec - Authentication Header (AH)/ Encapsulating Security Payloads (ESP)
AH - provides integrity
ESP - provides encryption
IPSec - Tunnel/ Transport
Tunnel mode is used to create virtual private networks for network-to-network communications
Transport mode, only the payload of the IP packet is usually encrypted or authenticated
Post Office Protocol (POP)/ Internet Message Access Protocol (IMAP)
A way to send and receive email securely
Both use SSL for encryption
Protocol Use Cases - Voice and Video
Use SRTP
Keeps conversations private by using AES
Protocol Use Cases - Time Synchronization
Use NTPsec
Secure network time protocol
Protocol Use Cases - Email and Web
Email - Use S/MIME
Web - Use HTTPS over SSL/ TLS
Protocol Use Cases - File Transfer
Use FTPS or SFTP (SSH File Transfer Protocol)
Protocol Use Cases - Directory Services
Use LDAP
Protocol Use Cases - Remote Access
Use SSH
Protocol Use Cases - Domain Name Resolution
Use DNSSec
Protocol Use Cases - Routing and Switching
Use SSH with SNMPv3 and HTTPS
Protocol Use Cases - Network Address Allocation
Use DHCP
Protocol Use Cases - Subscription Services
Use automation subscriptions with constant updates and check for encryption/ integrity checks
Dynamic Host Configuration Protocol (DHCP)
Assigning IP addresses and other communication parameters to devices connected to the network using a client–server architecture
Starvation Attacks