Chapter 6: Understanding Secure and Insecure Protocols

Question 1

refers to the rules required by different applications for the exchange of data, where the application can perform actions such as running commands on remote systems, sending and receiving emails, and downloading files from the internet.

Answer 1

Protocol

Question 2

what are the 2 types of ports?

Answer 2

1. Transmission Control Protocol (TCP)
2. User Diagram Protocol (UDP)

Question 3

connection oriented as it uses a three way handshake
-first packet sent is called the syn packet where sending host informs the receiving host of the number of its next packet
-receiving host sends an SYN/ACK packet, where it says what the next packet is.
-the ACK packet acknowledges both kinds of packets and then the data is sent

Answer 3

Transmission Control Protocol (TCP)

Question 4

faster but less reliable as it is connectionless
-used for streaming video and gaming where speed is paramount

Answer 4

User Diagram Protocol (UDP)

Question 5

If I wanted to upload files to web server I would use FTP on port 20, but the more common use is to download files using port 21—downside of FTP is the transfer is done using clear text, so a packet sniffer could view the information—replaced by secure protocols such as SFTP or FTPS

Answer 5

File Transfer Protocol (FTP)–>port 21

Question 6

Run commands on remote hosts–runs remote commands on devices such as routers–session is in clear text and is not secure–SSH is replacement protocol

Answer 6

Telnet–>port 23

Question 7

Transport mail between mail servers

Answer 7

Simple Mail Network Protocol (SMNP)–>Port 25

Question 8

Host name resolution/zone transfer (TCP)/name queries

Answer 8

Domain Name System (DNS)–>UDP Port 56

Question 9

Automatic IP address allocation–allocates IP addresses dynamically to computers. If a computer cannot obtain the IP address, then there is a faulty cable or no more IP addresses in the database

Answer 9

Dynamic Host Configuration Protocol (DHCP)–>UDP port 67/68

Question 10

file transfer using UDP–>not as secure

Answer 10

Trivial File Transfer Protocol (TFTP)–>UDP Port 69

Question 11

used to access websites

Answer 11

Hypertext Transfer Protocol (HTTP)–>port 80

Question 12

pull mail from mail server, no copy left on mail server

Answer 12

Post Office Protocol 3–>Port 110

Question 13

Time Syncronization–ensures the clocks of all computers are synced

Answer 13

Network Time Protocol (NTP)–>port 123

Question 14

NETBIOS to IP address resolution

Answer 14

NETBIOS–>UDP Port 137-139

Question 15

Pulls mail from mail server

Answer 15

Internet Message Access Protocol (IMAP4)–>Port 143

Question 16

Notifies status and creates reports on network devices—each network device has an agent installed and is programmed so that if a trigger is met, the ____ management console is notified

Answer 16

Simple Network Management Protocol (SNMP)–>UDP Port 161

Question 17

Stores X500 Objects, searches directory services for users and groups and other information

Answer 17

Lightweight Directory Access Protocol (LDAP)–>Port 389

Question 18

the purpose of a ______ is to connect networks, whether they are internal subnets or external networks, and route packets between them.

Answer 18

router

Question 19

internal device that connects all of the users in a local area network so they can communicate with each other. A computer connects to a wall jack that runs into a patch panel, and then from the patch panel to the switch. The cables are places inside a conduit to protect them.

Answer 19

Switch

Question 20

the router will have to allow rules at the top of the ACL, but the last rule is to deny all. If traffic that is not on the list arrives, then the last rules of the denial will apply—Implicit Deny

Answer 20

Access Control List (ACL)

Question 21

used to remotely access the router and runs commands securely

Answer 21

SSH

Question 22

a managed switch is called ________,
here the switch identifies and authenticates devices connecting to the switch and blocks rogue devices, such as rogue access points.
-can work in conjunction with a Remote Authentication Dial in User Service (RADIUS)

Answer 22

802.1x

Question 23

where a port in a switch is switched off to prevent someone from plugging their laptop into a wall jack.

Answer 23

port security

Question 24

is used in a switch to prevent Media Access Control (MAC) flooding, where the switch is flooded with a high volume of fake MAC addresses; this prevents DDoS attacks.

Answer 24

Flood Guard

Question 25

can be set up on a switch to segment network traffic. If the finance department wanted to be isolated from other departments within the local area network, a _____ could be created.
-the ____ tag must be set up, otherwise the switch wont know where to route the traffic

Answer 25

VLAN

Question 26

when more than one switch is connected, you may have redundant paths, and this causes looping that provides broadcast traffic. STP has an algorithm that sets up some ports to forward, listen, or block traffic to prevent looping

Answer 26

Spanning Tree Protocol (STP)

Question 27

performs same function as LDAP; however, LDAP is not secure and is vulnerable to LDAP injection attacks, where an attacker tries to gain information from directory service.
-using ______ encrypts the session using SSL/TLS—this is known as LDAP over SSL—making it secure

Answer 27

LDAPS

Question 28

the authentication system used to log in to Active Directory and uses tickets for authentication

Answer 28

Kerberos