Domain 4 - Communications and Network Security Flashcards
SSL (Application – layer 7 )
Two layers: the SSL record protocol and the handshake protocol. Like SSH, it uses symmetric encryption for private connections and asymmetric (public key) cryptography for peer authentication.
SMTP (Application – layer 7 )
Email queuing. Port 25
Simple Network Management Protocol (Application – layer 7 )
Collection of network information by polling the devices from a management station. Sends out alerts – called traps – to a database called a Management Information Base (MIB).
Presentation – layer 6
Compression/decompression and encryption/decryption. Uses a common format to represent data; standards like JPEG, TIFF, MIDI. Technology: Gateway
Session - layer 5
Inter-host communication: a logical persistent connection between peer hosts, a conversation; simplex, half duplex, full duplex. Protocols: NFS, SQL, RADIUS, RPC, PAP, PPTP, SSL/TLS, NetBIOS
Transport
End-to-end data transfer services and reliability. Technology: Gateways. Segmentation, sequencing, and error checking at this layer.
Protocols: TCP, UDP, SSL, SSH-2
Fragmentation
IP will subdivide a packet if its size is greater than the maximum allowed on a local network
Simple Key Management for Internet Protocols
Provides high availability in encrypted sessions to protect against crashes. Exchanges keys on a session-by-session basis.
ARP (Address Resolution Protocol)
Used to match an IP address to a hardware (MAC) address. ARP sends out a broadcast asking a network node to reply with its hardware address. It stores the address in a dynamic table for the duration of the session, so ARP requests are only sent the first time.
FRAMES
Translates data into bits and formats them into data frames with a destination header and source address. Error detection via checksums.
Logical Link Control
Flow control and error notification
Packet-filtering firewalls (layer 3/4)
Use rules based on a packet’s source, destination, port or other basic information to determine whether or not to allow it into the network
Stateful packet filtering firewalls (layer 7)
Have access to information such as the conversation, the state table and the context of packets, from which to make their decisions.
Application Proxy firewalls (layer 7)(3-7 actually)
Look at content and can involve authentication and encryption; can be more flexible and secure but also tend to be far slower.
Circuit level proxy (layer 5)
Looks at the packet header only; protects a wider range of protocols and services than an application-level proxy, but does not provide as detailed a level of control. Basically, once the circuit is allowed, all info is tunneled between the parties. Although firewalls are difficult to configure correctly, they are a critical component of network security.
IEEE 802.15
Standard for Bluetooth
IEEE 802.3
Defines Ethernet
802.11
Defines wireless networking
802.20
Defines LTE
Class A network
Starts at 1 and ends at 127
Class B
Starts at 128 and ends at 191
Class C network
Starts at 192 and ends at 223
SSL session key length
40-bit to 256-bit
Ad hoc Mode
Directly connect two+ clients, no access point
Infrastructure Mode
Connects endpoints to a central network, not directly to each other; infrastructure mode wireless needs an access point and wireless clients.
WEP
Predecessor to WPA and WPA2; provides confidentiality; uses RC4 for encryption.
WPA
Uses TKIP for data encryption
WPA2
Based on 802.11i; uses AES, key management, replay attack protection, and data integrity; most secure; CCMP included. WPA2 Enterprise mode uses RADIUS, with account lockout if a password cracker is used.
LEAP
Cisco proprietary protocol created to handle problems with TKIP; has security issues, so do not use. Provides reauthentication but was designed for WEP.
Fiber Distributed Data Interface (FDDI)
Form of token ring that has a second ring that activates on error
Frame Relay WAN
Runs over a public switched network. High fault tolerance by relaying traffic from faulty segments to working ones.
SASL
Provides secure LDAP authentication
OpenLDAP
By default, stores user passwords in the clear
Client SSL Certificates
Used to identify clients to servers via SSL (client authentication)
S/MIME Certificates
Used for signed and encrypted email; can also be used for form signing and as part of an SSO solution.
MOSS
MIME Object Security Services; provides authentication, confidentiality, integrity, and nonrepudiation
OAuth
Ability to access resources from another service
OpenID
Paired with OAuth; a RESTful, JSON-based authentication protocol that can provide identity verification and basic profile information. A phishing attack is possible by sending fake data.
Broadband Technologies
ISDN, cable modems, DSL, and T1/T3 lines that can support multiple simultaneous signals. They are analog and not broadcast technologies.
CHAP
Challenge-Handshake Authentication Protocol; used by PPP servers to authenticate remote clients. Encrypts the username and password and performs periodic reauthentication while connected, using techniques to prevent replay attacks.
CIR (Committed Information Rate)
Minimum bandwidth guarantee provided by a service provider to customers