CHP 11 Flashcards
fact
UDP is connectionless
TLS
Transport Layer Security (TLS)
Security protocol that uses certificates for authentication and encryption to protect web communications and other application protocols.
fact
TLS 1.3 removes the ability to perform downgrade attacks.
SASL
Simple Authentication and Security Layer (SASL) is a framework for adding authentication support to connection-based protocols.
MIB
A Management Information Base (MIB) is a database used for managing the entities in a communication network. It is a hierarchical structure that stores information about network devices and their operational status, enabling network management protocols like SNMP (Simple Network Management Protocol) to monitor and control these devices.
STARTTLS
STARTTLS is a command used to upgrade an existing plaintext communication connection to an encrypted connection using SSL/TLS. It is commonly used in various email and messaging protocols to secure the data transmission. The STARTTLS method is generally more widely implemented than SMTPS.
IMAP
Internet Message Access Protocol (IMAP) is a standard email protocol that allows users to access and manage their emails on a mail server. Unlike POP3, which downloads emails to a local device, IMAP stores emails on the server, allowing access from multiple devices.
SPF
Sender Policy Framework (SPF):
Purpose: Stops email spoofing.
DKIM
Domain Keys Identified Mail (DKIM):
Purpose: Ensures email integrity.
DMARC
Domain-based Message Authentication, Reporting & Conformance (DMARC):
Purpose: Combines SPF and DKIM to protect against email fraud.
S/MIME
Secure/Multipurpose Internet Mail Extensions (S/MIME) is a standard for public key encryption and signing of MIME data. It provides a way to send and receive secure email messages.
DNS
Domain Name System (DNS) is a hierarchical and decentralized naming system used to translate human-readable domain names (like www.example.com) into machine-readable IP addresses (like 192.0.2.1).
fact
DoS attacks are hard to perform against the servers that perform Internet name resolution, but if an attacker can target the DNS server on a private network, it is possible to seriously disrupt the operation of that network.
BIND
BIND (Berkeley Internet Name Domain) is the most widely used DNS server software on the Internet. It translates domain names into IP addresses and vice versa, facilitating the proper routing of internet traffic.
DNS Footprinting
DNS Footprinting is the process of gathering information about an organization’s DNS infrastructure and associated domains. It is often a preliminary step in a broader cybersecurity assessment or penetration testing exercise.
fact
Secure coding practices encourage developers to write code that prevents common vulnerabilities like SQL injection and cross-site scripting. Application security practices also mandate static application security testing (SAST) and dynamic application security testing (DAST).
SEH
Structured Exception Handling (SEH) is a mechanism in Windows operating systems that provides a way to handle exceptions, which are unexpected or exceptional conditions that occur during the execution of a program.
An educational institution’s systems administrator is responsible for securing the LDAP directory service for the organization’s computing resources. Which authentication method should the systems administrator implement to ensure secure access while minimizing opening extra ports on the firewall?
A. It requires no authentication method
B. Simple Bind authentication method
C. Simple Authentication and Security Layer
D. Lightweight Directory Access Protocol Secure
C
A large multinational company wants to enhance the security of its computing resources. It considers applying common security techniques to protect sensitive data and prevent unauthorized access. Which security technique would be MOST suitable for securing computing resources?
A. GPS tagging to add geographical identification metadata to a company’s sensitive files
B. Add geofencing to create a virtual boundary around the company’s office premises
C. Indoor Positioning System to determine the physical position of employees’ devices
D. Applying context-aware authentication to restrict resource access based on user location
D
A large finance company’s software developers are working on a new web application for their customers. The team has concerns about potential security vulnerabilities. Which security techniques should they consider implementing to enhance the security of their application from web-based attack techniques? (Select the two best options.)
A. Static code analysis
B. Code signing
C. Input validation
D. Secure cookies
C and D
The IT administrator of a global banking organization is responsible for configuring email services. The administrator must ensure secure communication between servers and servers, as well as servers and clients. Which of the following statements about securing email protocols is true? (Select the two best options.)
A. Simple Mail Transfer Protocol Secure (SMTPS) is the most widely implemented and robust method for securing SMTP communications.
B. Port 465 is the recommended port for secure message submission over implicit transport layer security using STARTTLS command.
C. Post Office Protocol 3S (POP3S) operates over transmission control protocol port 995 by default for secured mailbox access.
D. Internet Message Access Protocol Secure allows multiple clients to connect to the same mailbox on port 143 simultaneously.
A and C