Lesson 11 - Application Security Capabilities Flashcards
TLS
Transport Layer Security
- Security protocol that uses certificates for authentication and encryption to protect web communications and other application protocols.
HKDF
Hash Key Derivation Function
- A cryptographic tool used to derive strong, unique keys from a master key or input keying material (IKM), ensuring secure key management and data protection.
SASL
Simple Authentication and Security Layer
- A framework that provides mechanisms for authentication, data integrity, and encryption in Internet protocols, enabling secure communication by allowing clients and servers to negotiate authentication methods.
LDAPS
Lightweight Directory Access Protocol Secure
- A method of implementing LDAP using SSL/TLS encryption.
SNMP
Simple Network Management Protocol
- Application protocol used for monitoring and managing network devices. SNMP works over UDP ports 161 and 162 by default.
MIB
Management Information Base
- A hierarchical database used by network management protocols like SNMP to store and access information about managed network devices, enabling monitoring, control, and troubleshooting.
FTP
File Transfer Protocol
- Application protocol used to transfer files between network hosts. Variants include S(ecure)FTP, FTP with SSL (FTPS and FTPES), and T(rivial)FTP. FTP utilizes ports 20 and 21.
SFTP
Secure File Transfer Protocol
- A secure version of the File Transfer Protocol that uses a Secure Shell (SSH) tunnel as an encryption method to transfer, access, and manage files.
SMTP
Simple Mail Transfer Protocol
- Application protocol used to send mail between hosts on the Internet. Messages are sent between servers over TCP port 25 or submitted by a mail client over secure port TCP/587.
POP3
Post Office Protocol v3
- Application protocol that enables a client to download email messages from a server mailbox to a client over port TCP/110 or secure port TCP/995.
IMAP
Internet Message Access Protocol
- Application protocol providing a means for a client to access and manage email messages stored in a mailbox on a remote server. IMAP4 utilizes TCP port number 143, while the secure version IMAPS uses TCP/993.
SPF
Sender Policy Framework
- A DNS record identifying hosts authorized to send mail for the domain.
DKIM
DomainKeys Identified Mail
- A cryptographic authentication mechanism for mail utilizing a public key published as a DNS record.
DMARC
Domain-Based Message Authentication, Reporting and Conformance
- Framework for ensuring proper application of SPF and DKIM, utilizing a policy published as a DNS record.
S/MIME
Secure/Multipurpose Internet Mail Extensions
- A cryptographic standard used for securing email communications, offering encryption for confidentiality and digital signatures for authentication and integrity.
RPZ
Response Policy Zone
- A DNS (Domain Name System) feature that allows administrators to control DNS resolution based on predefined policies, enabling them to block or redirect users to specific locations based on domain reputation or other criteria.
BIND
Berkeley Internet Name Domain
- A key component of the DNS, performing crucial operations such as translating human-readable domain names into IP addresses that can be read by machines.
DNSSEC
DNS Secure Extensions
- Security protocol that provides authentication of DNS data and upholds DNS data integrity.
SEH
Structured Exception Handler
- A mechanism to account for unexpected error conditions that might arise during code execution. Effective error handling reduces the chances that a program could be exploited.
HSTS
HTTP Strict Transport Security
- A web security policy that forces browsers to only interact with a website using HTTPS, preventing protocol downgrade attacks and cookie hijacking by ensuring secure connections.