Chapter 3 Sec+

Question 1

OSI

Answer 1

Open System Interconnection

Question 2

TCP

Answer 2

Transmission Control Protocol

Question 3

UDP

Answer 3

User Datagram Protocol

Question 4

ACL

Answer 4

Access Control Lists

Question 5

Dos

Answer 5

Denial of Service

Question 6

ICMP

Answer 6

Internet Control Message Protocol

Question 7

ARP

Answer 7

Address Resolution Protocol

Question 8

FTP

Answer 8

File Transfer Protocol

Legacy used port 20, 21 TCP

Question 9

TFTP

Answer 9

Trivial File Transfer Protocol
Uses port 69 UDP
Usually disabled by admins

Question 10

SSL

Answer 10

Secure Socket Layer
Legacy used port 443 TCP and replaced by TLS

Question 11

TLS

Answer 11

Transport Layer Security
Uses port 443 TCP
Used to encrypt traffic over http

Question 12

IPsec

Answer 12

IP Security
Is used to encrypt IP Traffic
Uses port 500 and 4500 UDP

Question 13

SSH

Answer 13

Secure Shell
Encrypts traffic I’m transit and uses port 22 TCP

Question 14

SCP

Answer 14

Secure Copy

Is based on ssh and is used to copy encrypted files over the network

Question 15

SFTP

Answer 15

Secure File Transfer Protocol
Extension of SSH and encrypts files
Uses port 22 TCP

Question 16

FTPS

Answer 16

File Transfer Protocol Secure
Secure implementation of FTP
Uses TLS to encrypt traffic
Uses port 989 and 990 TCP

Question 17

SMTP

Answer 17

Simple Mail Transfer Protocol
Uses port 25 TCP

Question 18

SMTPS

Answer 18

Simple Mail Transfer Protocol Secure
Uses port 587 TCP

Question 19

POP3

Answer 19

Post Office Protocol Version 3
For unencrypted port 110 TCP
For Encrypted Port 995 TCP

Question 20

HTTP

Answer 20

Hyper Text Transfer Protocol
Legacy
Uses port 80

Question 21

HTTPS

Answer 21

Hyper Text Transfer Protocol Secure
Uses port 443 TCP

Question 22

DNS

Answer 22

Domain Name System

Question 23

SPF

Answer 23

Sender Policy Framework

Uses DNS Records to define which IP address are authorized to send emails on behalf of the domain

Question 24

DKIM

Answer 24

Domain Keys Identified Mail

Uses public key cryptography to sign and verify an emails domain content

Question 25

DMARC

Answer 25

Domain-Based Message Authentication Reporting and Conformance

Builds on top of SPF,and DKIM
Sets policy’s on how to handle emails that fail authentication check

Question 26

AD DS

Answer 26

Active Directory Domain Services

Question 27

LDAP

Answer 27

Lightweight Directory Access Protocol
Uses port 389 TCP

Question 28

LDAPS

Answer 28

Lightweight Directory Access Protocol Secure
Uses port 636 TCP

Question 29

RTP

Answer 29

Real-Time Transport Protocol
Delivers audio and Video over IP Networks

Question 30

VOIP

Answer 30

Voice Over Internet Protocol
Does communications, streaming etc

Question 31

SRTP

Answer 31

Secure Real Time Transport Protocol
Provides encryption,message authentication and integrity to RTP

Question 32

SIP

Answer 32

Session Initiation Protocol

Used to initiate, maintain, and terminate voice,video and message session

Question 33

GPO

Answer 33

Group Policy Object

Question 34

RDP

Answer 34

Remote Desktop Protocol

Admins and clients use RDP to connect to other systems from Remote Locations

Question 35

OpenSSH

Answer 35

Suite of tools that simplifies the use of ssh

Question 36

NTP

Answer 36

Network Time Protocol

Question 37

DHCP

Answer 37

Dynamic Host Configuration Protocol

Question 38

IPv4

Answer 38

Internet Protocol Version 4
Uses 32 bit IP address
100.100.100.100

Question 39

ISP

Answer 39

Internet Service Protocol

Question 40

IPv6

Answer 40

Internet Protocol Version 6

Question 41

IANA

Answer 41

Internet Assigned Number Authority

Question 42

IETF

Answer 42

Internet Engineering Task Force

Question 43

MX

Answer 43

Mail Exchange

Question 44

CNAME

Answer 44

Canonical Name

Question 45

TTL

Answer 45

Time to Live

Question 46

SOA

Answer 46

Start Of Authority

Question 47

DNSSEC

Answer 47

Domain Name Security Extension

Question 48

RRSIG

Answer 48

Resource Record Signature

Question 49

STP

Answer 49

Spanning Tree Prevention
Provide both Broadcast Storm Prevention and loop prevention

Question 50

RSTP

Answer 50

Rapid Spanning Tree Protocol

Question 51

BPDU

Answer 51

Bridge Protocol Data Unit
STP sends BPDU messages in a network to detect loops

Question 52

NIC

Answer 52

Network Interface Card

Question 53

ACLs

Answer 53

Access Control Lists

Question 54

SNMP

Answer 54

Simple Network Management Protocol

Monitors and manages network devices, such as routers or switches
SNMPv3 Encrypts credentials before sending them over the network
Uses port 161 and 162 UDP

Question 55

WAF

Answer 55

Web Application Firewall

Question 56

NGFW

Answer 56

Next Generation Firewall
Performs deep-packet inspections
Can identify application commands and detect malicious traffic
Allows content filtering and URL filtering and can use Stateless and Stateful firewalls

Question 57

DMZ

Answer 57

Demilitarized Zone or Screened Subnet
Placed in-between the Internet and intranet

Question 58

NAT

Answer 58

Network Address Translation
Translates public IPS to private Ips and vis versa

Question 59

PAT

Answer 59

Port Address Translation

Question 60

SCADA

Answer 60

Supervisory Control and Data Aquistion
Isolated in an intranet and they gather data and analyze it

Question 61

VLAN

Answer 61

Virtual Local Area Network
Used to Subnet a network
Can organize computers that are in different locations into one
Traffic that goes through the VLAN can only be seen by users in the VLAN.
Helps to alleviate broadcast traffic
Are configured on switches

Question 62

UTM

Answer 62

Unified Threat Management
Is an application that goal is to provide better security
Provides URL filtering, Malware Inspection, Content Inspection, DDos Mitigator
Is usually placed at network border

Question 63

ZTNA

Answer 63

Zero Trust Network Access
Refers to the idea that we don’t make trust decisions based on network locations

Question 64

PEP

Answer 64

Policy Enforcement Point
The network enforces decisions
Sits between Control and Data Plane

Question 65

PE

Answer 65

Policy Engine
Is located on Control plane
And decides wether to grant access to a resource for a given subject

Question 66

PA

Answer 66

Policy administrator
Is located in the Control plane
Is responsible for communicating the decisions made by the PE

Question 67

SASE

Answer 67

Secure Access Service Edge
Is designed closely related to ZTNA
That brings together Networking and Security functions and delivers them as and integrated cloud service

Question 68

CASB

Answer 68

Cloud Access Service Broker