Dion - Security Protocols pg97

Question 1

What is S/MIME?

Answer 1

Secure/Mulitpurpose Internet Mail Extensions

• A standard that provides cryptographic security for email!
• Public Key encryption and digital signing

Question 2

What is SRTP?

Answer 2

Secure Real-Time Transport Protocol is for phone calls or video calls.

Uses AES encryption
Uses HMAC-SHA-1 hashing

Question 3

What is NTP?

Answer 3

Network Time Protocol

• around since 1985
• vulnerable to DDoS

Trying to make NTPsec, in development since 2015

Question 4

What is Secure POP and Secure IMAP?

Answer 4

Email security for POP3 or IMAP

• Uses STARTTLS to add SSL to POP3
• Secure IMAP is IMAP with SSL

Question 5

What is SSL/TLS?

Answer 5

Secure Sockets Layer
Transport Layer Security (the new version!)

HTTPS (Port 443) uses TLS or SSL

For all internet communications - browsing, IM, email, VoIP etc

Question 6

How does SSL/TLS work?

Answer 6

Use public key encryption

• Private key on the server
• Symmetric session key is transferred using asymmetric encryption
• Very fast and secure

Question 7

What is FTPS?

Answer 7

FTP over SSL

FTP - File Transfer Protocol

Question 8

What is SFTP?

Answer 8

SSH File Transfer Protocol

Provides file system functionality
Resume interrupted transfers
Remote file removal

Question 9

What is LDAP?

Answer 9

Lightweight Directory Access Protocol

• A database reading and writing directories over an IP network.
• Uses X.500 standard from ITU “International Telecoms Union”
• Microsoft’s Active Directory, Apple’s OpenDirectory
• Unencrypted Port 389
• Encrypted Port 636

Question 10

What is the more secure version of LDAP?

Answer 10

LDAPS - LDAP Secure
or implement
SASL - Simple Authentication and Security Layer
Which adds 2 way authentication - eg. Kerberos (Port 88)

Question 11

What is SSH?

Answer 11

Secure Shell - Port 22
Encrypted terminal communication between two computers or network devices.

Requires one device to be a server and the other a client

Replaces Telnet

Question 12

What is SSH 2.0?

Answer 12

Uses Diffie-Hellman key exchange and MACs

Question 13

What is DNSSEC?

Answer 13

Domain Name System Security Extensions
Prevents DNS poisoning

Validates DNS responses
DNS - Port 53

Question 14

What is SNMP? What is the secure version?

Answer 14

Simple Network Management Protocol
Port 161 UDP

Use SNMPv3 for better security - encrypted and authentication

Question 15

What is DHCP?

Answer 15

Dynamic Host Configuration Protocol
NOT secure.

Used to automatically allocate IP addresses

Question 16

What is a VPN?

Answer 16

Virtual Private Network

Secure connection between 2+ computers that aren’t on the same network

Question 17

What is PPTP?

Answer 17

A VPN Protocol!

Point-to-Point Tunneling protocol - Port 1723

Protocol that encapsulates and encrypts PPP packets.

Uses CHAP-based authentication which is vulnerable.

Question 18

What is L2TP?

Answer 18

A VPN Protocol!

Layer 2 Tunneling Protocol - Port 1701

Connection between 2+ computers that aren’t on the same network.

Usually paired with IPSec to provide security

Question 19

What is IPSec?

Answer 19

A VPN Protocol!

Internet Protocol Security

A TCP/IP protocol that authentications and encrypts IP packets.

Uses hashing and key exchange.

Question 20

What is IKE?

Answer 20

Internet Key Exchange

Method used by IPSec to create a secure tunnel between authenticated peers.

Question 21

What is AH?

Answer 21

Authentication Header Protocol

Used in IPSec and provides integrity and authentication

Question 22

What is ESP?

What are the two modes?

Answer 22

Encapsulation Security Payload

Encapsulated and encrypts packets
Two Modes:

1. Transport Mode: Host to host - payload is encrypted, not header, best for private networks.
2. Tunnel Mode: Entire packet is encrypted - best transmission with different networks