Chapter 3 - Understanding Basic Network Security Flashcards

1
Q

Connectivity Protocols

A
TCP
UDP
IP
ICMP
ARP
NDP
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Encryption Protocols

A
SSH
SCP
SSL
TLS
IPSec
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

SSH

A

Acronym : Secure Shell
Function : Used by Secure Copy (SCP) and Securite File Transfer Protocol (SFTP)
Port TCP 22

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

SCP

A

Acronym : Secure Copy Protocol
Function : Send encrypted files over network
Port : TCP 22

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

SSL

A

Acronym : Secure Sockets Layer
Function : Secure HTTP as HTTPS with certificates
Used by : HTTPS, SMTP, LDAP, LDAPv2
Port : TCP 443 with HTTPS, TCP 465 with SMTP, TCP 636 with LDAP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

TLS

A

Acronym : Transport Layer Security
Function : Designated replacement for SSL
Used by : HTTPS, LDAPv3
Port : TCP 443 with HTTPS, TCP 636 with LDAP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

IPSec

A

Acronym : none
Function : Encrypt IP traffic. Works with IPv4 & IPv6. Used in Tunnel mode with VPN connections.
Main components : Authentication Header (AH) + Encapsulation Security Payload (ESP)
Port : Internet Key Exchange (IKE) with UDP 500

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Application protocols

A
HTTP
HTTPS
FTP
SFTP
FTPS
TFTP
Telnet
SNMP
NetBIOS
LDAP
Kerberos
Microsoft SQL Server
RDP
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

IPv4 classes

A

Class A : 0.0.0.0 - 127.255.255.255
Class B : 128.0.0.0 - 191.255.255.255
Class C : 192.0.0.0 - 223.255.255.255

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

IPv6 benefits over IPv4

A

Significantly larger address space

IPsec built in (everything encrypted)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

DNS zones

A
A : host record (IPv4)
AAAA : host record (IPv6)
PTR : pointer record (opposite of A record)
MX : mail exchanger
CNAME : canonical name / alias
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

DNS ports

A

TCP 53 : zone transfers

UDP 53 : name resolution

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Ports ranges

A

0 - 1023 : well-known ports
1024 - 49151 : registered ports
49152 - 65535 : dynamic and private ports

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

IPv4 primary methods to handle traffic

A

Unicast : one-to-one traffic

Broadcast : one-to-all traffic

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Firewall rule general format

A
PPSDP
Permission
Protocol
Source
Destination
Port
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

NAT benefits

A

Public IP addresses don’t need to be purchased for all clients
NAT hides internal computers from the internet

17
Q

NAT modes

A

Static NAT

Dynamic NAT

18
Q

OSI model layers

A
"All people seem to need data processing"
"Please do not throw sausage pizza away"
1. Physical
2. Data Link
3. Network
4. Transport
5. Session
6. Presentation
7. Application
19
Q

Physical layer

A

Devices : Cables, hubs

Protocols : Ethernet, cabling protocols

20
Q

Data Link layer

A

Devices : switches

Protocols : MAC, ARP, NDP, VLANs

21
Q

Network layer

A

Devices : Router, Layer 3 switch

Protocols : IPv4, IPv6, IPsec, ICMP

22
Q

Transport layer

A

Protocols : TCP, UDP

23
Q

Application

A

Devices : proxies, application-proxy firewalls, web application firewalls, web security gateways, UTM security appliances