Chapter 5 - Domain 5 Network Security Flashcards
What two wireless encryption protocols are no longer considered secure & should not be used if security is a goal?
page 178
WEP & WPA
What two distinct advantages does WPA have over WEP?
page 178
- Temporal Key Integrity Protocol (TKIP)
- Extensible Authentication Protocol (EAP)
What additional advantages does WPA2 offer?
page 178
- Advanced Encryption Standard (AES)
- Implements CCMP, based on the 802.11i standard, & offers an enhanced data cryptographic mechanism that replaces TKIP
How does MAC Address Filtering help in security measures?
page 179
- Configured to allow only specific MAC addresses through an interface on the Wireless Access Point (WAP)
- MAC Filtering should be used in conjunction with other security measures.
What is a method of identifying traffic & then making decisions based on the attributes of that traffic?
page 180
Access Control List (ACL)
What are the two methods of IP filtering & why is one method less secure?
page 181
- Pass only the desired IP traffic & BLOCK everything else
- Pass everything & block only traffic specifically configured to be blocked
- Some traffic that is forgotten will be passed, therefore less secure
What are the three main groups of Ports in Port filtering?
page 181
Well Known Ports - 0 to 1023
Registered Ports - 1024 to 49151
Dynamic or Private Ports - 49152 to 65535
Which ports are used by applications or services that need to have consistent port assignments?
page 181
Registered Ports
Which ports are not assigned to any particular protocol or service & can therefore be used for any service or application?
page 181
Dynamic or Private Ports
What is the process of encapsulating one protocol within another so as to provide a secure communication through an unsecured medium, typically the Internet?
page 182
Tunneling
How does L2TP work?
page 182
Layer 2 Tunneling Protocol
Uses IPSec to authenticate the client in two phases
1. Authenticates the computer to prevent a man-in-the-middle attack
2. Authenticates the user