Misc Flashcards
What encompasses asymmetric encryption?
What is EL-GAMAL?
What is ECC?
What is RSA?
- Public Key
- Problem: MITM
- C/I/Auth/Sigs
EL-GAMAL - based on the work of D-H, but this includes the ability for message confident, and digital signs, not just the session key
ECC- low overhead, smart cards, can provide confident, dig signs, and message authentication services
RSA - 2 large prime numbers
What encompasses symmetric encryption? What is 3DES? What is 2FISH? What is BLOWFISH? What is RC4? What is AES? What is IDEA? What is DES? What is SERPANT? What is SAFER? What is CAST? What is Rijndael?
- Static, secret, same, super fast
- Problem: Key distribution
3DES- uses 3 DES - more key management
2FISH - operates with keys of 128, 192, or 256 bits on blocks of 128-bits
BLOWFISH- requires very little system memory, operates with variable key sizes from 32 up to 448-bits on 64-bit input and output blocks
RC4- stream based, if using key length of at least 128-bit there is currently no practical way to attack it
AES, block, Rijndael, Block 128, 192, 256
IDEA - uses 128-bit key and operates on 64-bit blocks
DES-56 bit -key is too short- brute force attacks
SERPENT -
SAFER - patent-free, 64 or 128-bit blocks, variation of this is used as a block cipher in Bluetooth
CAST- 128 Feistel-type block cipher with 64-bit blocks
CAST - 256 operates on 128-bit blocks and with keys of 128, 192, 160, 224, and 256-bits
Key Exchange?
D-H EL-GAMAL ECC RSA IKE (ipsec)
D-H - key negotiation that does not provide for message confident. Also can be referred to a session key negotiation
EL-GAMAL - based on the work of D-H, but this includes the ability for message confident, and digital signs, not just the session key
ECC - use short key, strongest of asym, and can provide confident, dig signs, and message authentication services
RSA - 2 large prime numbers
IKE (Ipsec)-internet key exchange -
ipsec is suite of protocols for communicating security with IP by providing mechanisms for authentication and encryption.
Hashing?
Collision?
Salt?
MD5 MD2 MD4 SHA-0 SHA-1 SHA-2 SHA-3 HAVAL- RIPEMD
- Integrity/Non reversible
- Changes
Collision- hash generates the same output for 2 different inputs. 2 inputs = same output
Salt - extra layer of protection before hashing takes place
MD5 (1-6)
MD2 - 128 - hash function for 8-bit processor
MD4 - 128-bit - message digest algorithm to support 32-bit processors
MD5- 128 - is subject to collisions, preventing its use for ensuring message integrity
SHA-0 - developed by NIST, issued as FIPS 180
SHA-1 160 bit
SHA-2 - 256-bit
SHA-3 - 512 - more resistant to collision and pre-imaging attacks
HAVAL-variable length output message digest
modification of MD5. HAVAL uses 1,024-bit blocks and produces hash values of 128, 160, 192, 224, and 256 bits
RIPEMD- 160-bits, operates similarly to MD5 on 512-bit blocks. Faster than SHA-1
- shrm
PKI? CA- RA Key Escrow RA- Recovery Agent OCSP CRL
- Manages certs & public keys
- X.509v3 - verify public key belongs to the certs owner
CA- - root > trusted third party
RA- Registration Authority - assist CAs with the burden of verifying users’ identities prior to issuing digital certifi cates. They do not directly issue certifi cates themselves, but they play an important role in the certifi cation process, allowing CAs to remotely validate user identities.
Key Escrow - keeping copy with 3rd party in case of key loss
RA- Recovery Agent -
OCSP -Online Certificate Status Protocol (OCSP) This protocol eliminates the latency inherent in the use of certificate revocation lists by providing a means for real-time certificate verification
CRL-
WiFI?
SSID
Evil Twin
Rogue AP
v1= WEP uses
v2= WPA uses
v3= WPA/2 uses
802.11
SSID - service set identifier - simply the technical term for a network name. When you set up a wireless home network, you give it a name to distinguish it from other networks in your neighbourhood. You’ll see this name when you connect your computer to your wireless networ
Evil Twin - a fraudulent Wi-Fi access point that appears to be legitimate but is set up to eavesdrop on wireless communications. The evil twin is the wireless LAN equivalent of the phishing scam.
Rogue AP - unauthorized wireless network access device
v1= WEP
PSK -pre-shared key
RC4
v2= WPA
PSK/ENT
TKIP
v3= WPA/2
PSK/ENT
AES-CCMP
Firewalls?
- Filter = pass/block allow/deny
- Rules!
Applic Proxy - An application proxy or application proxy server receives requests intended for another server and acts as the proxy of the client to obtain the requested service. You often use an application proxy server when the client and the server are incompatible for direct connection.
WAF - web application firewall is a specific form of application firewall that filters, monitors, and blocks HTTP traffic to and from a web service
NGFW - add application level inspection instruction prevention, along with malware awareness and prevention.
Stateless Packet Filter- are designed to protect networks based on static information such as source and destination.
Stateful Packet Filter - examines each packet in the context of a session that allows it to make dynamic adjustments to the rules to accommodate legit traffic and block malicious traffic.
Routing protocols?
RIP
RIPv2
OSPF
BGP
IGRP
EIGRP
IEEE 802
- 3
- 11
- 1X
- 1D
- 1Q
- 1p
- 3 Ether CSMA/CD
- 11 WiFi CSMA/CA
- 1X Port based
- 1D STP = loops
- 1Q VLAN
- 1p
VLAN types
Ipsec- s suite of protocols for communicating security with IP by providing mechanisms for authentication and encryption.
L2TP-allows callers over serial line using Point to point to connect over the internet to a remote network. LP2 does not provide encryption, but it relies upon IPSEC for the encryption. Since it is based on PPP it can use PAP, CHAP, or EAP for encryption.
PPTP-point-to-point tunneling protocol uses tunnel that runs over other protocol and relies on GRE - Generic Routing encapsulation to build the tunnel between endpoints
HTTPS-Hypertext Transfer Protocol Secure (HTTPS) is an extension of the Hypertext Transfer Protocol (HTTP). It is used for secure communication over a computer network, and is widely used on the Interne
Authentication servers
Kerberos
Tickets
AAA
Radius
Certs
AAA
Diameter
TACACS
TACACS+
XTACACS