Domain 3: Implementation Flashcards
DNSSEC
Domain Name System Security Extensions - protects internet users and applications from forged DNS data by using public key cryptography to digitally sign authoritative zone data when it enters the DNS and then validate it at its destination
Strengthens authentication in DNS using digital signatures based on public key cryptography
DNS
Used to resolve hostnames to IPs & IPs to hostnames
Translates human-readable domain names to machine-readable IP addresses
Port 53, TCP/UDP
Ex: www.amazon.com to 192.0.2.44
SSH
Secure Shell - network protocol that provides a secure way for two computers to connect remotely
Cryptographic network protocol for operating network services securely over an unsecured network…
Encrypted tunnel
Utility that supports encrypted data transfer between 2 computers for secure logins, file transfers, or general purpose connections
Encrypted remote access protocols
Port 22
S/MIME
Secure Multipurpose Internet Mail Extensions - protocol for sending digitally signed and encrypted messages.
Standard to digitally sign and encrypt email messages
SRTP
Secure Real-Time Transport Protocol - used in VoIP…provides encryption, confidentiality, message authentication, and replay protection to your transmitted audio and video traffic
LDAPS
Lightweight Directory Access Protocol Over SSL (Lightweight Directory Access Protocol Secure) - used to maintain directories of users and other objects over an encrypted SSL/TLS connection
Allows for the encryption of LDAP data (which includes user credentials) in transit during any communication with the LDAP server (like a directory bind), thereby protecting against credential theft.
Port 636, TCP/UDP
FTPS
File Transfer Protocol Secure - an extension to FTP that adds support for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) cryptographic protocols
Port 21
SFTP
SSH File Transfer Protocol - Runs over the SSH protocol. It supports the full security and authentication functionality of SSH
Protects the integrity of the data using encryption and cryptographic hash functions, and authenticates both the server and the user.
Protects against password sniffing and man-in-the-middle attacks…Uses port 22
SNMPv3
Simple Network Management Protocol, Version 3 - Provides secure exchanges of management data between network infrastructure devices and management stations.
Enhances the security capabilities of the SNMP protocol. Port 161
SNMP
Simple Network Management Protocol - used to access network devices like routers, servers, switches and their management information base (MIB) objects
Port 161 and port 162
HTTPS
Hypertext Transfer Protocol over SSL/TLS (HTTP Secure) - Used to send data between a web browser and a website securely…Secure version of HTTP
Port 443
IPsec
Internet Protocol Security - A group of protocols that are used together to set up encrypted connections between devices
Uses two distinct protocols, Authentication Header (AH) and Encapsulating Security Payload (ESP)
Most secure protocol that works with VPNs
Authentication Header (AH)
Ensures connectionless integrity by using a hash function and a secret shared key in the AH algorithm. AH also guarantees the data origin by authenticating IP packets
IPsec protocol that provides data integrity, data origin authentication, and optional anti-replay services to IP
Encapsulating Security Payload (ESP)
IPsec protocol that provides integrity, confidentiality, and authenticity for the packets by encrypting them
Encrypts Packets
POP
Post Office Protocol - Internet standard protocol used by e-mail clients to retrieve e-mail from a mail server
Methods of retrieving messages from your email server and delivering them to your email software
Port 110