Network Security Flashcards

1
Q

TCP/IP Protocols

A

TCP
UDP
IP
ICMP

2
Q

Addresses

A

IDs networks and devices on a network

3
Q

Port Numbers

A

IDs services running on a device

4
Q

Messages

A

Typically addressed to both the device and the port number of the service

5
Q

Socket

A

IP address:port number (147.63.12.2:8080)

6
Q

Socket Pairs

A

Client IP address:port number and the server's IP address:port number
Eg. 177.41.72.6:3022 communicating with 41.199.222.3:80

7
Q

ICMP

A

Internet Control Message Protocol

Used for network troubleshooting
Reports errors and replies to requests
Ping and traceroute use ICMP
Several types:
* 0 - Echo Reply
* 3 - Destination Unreachable
* 8 - Echo
* 30 - Traceroute
8
Q

Well-Known Ports

A

0-1023

9
Q

Registered Ports

A

1024-49151

10
Q

Dynamic Ports

A

49152-65535

AKA Ephemeral Ports
PAT
Used when an app does not bind to a specific port

11
Q

Port 20/21

A

FTP-Data/Control

12
Q

Port 22

A

SSH/SFTP/SCP

13
Q

Port 23

A

Telnet

14
Q

Port 25

A

SMTP

15
Q

Port 53

A

DNS

16
Q

Port 67/68

A

DHCP

17
Q

Port 69

A

TFTP

18
Q

Port 80

A

HTTP

19
Q

Port 88

A

Kerberos

20
Q

Port 110

A

POP3

21
Q

Port 889/890

A

FTPS (Implicit)

22
Q

Port 443

A

FTPS (Explicit), HTTPS, SSL, TLS

23
Q

Port 119

A

NNTP

24
Q

Port 137-139

A

NetBIOS

25
Q

Port 445

A

NetBIOS/Directory Services

26
Q

Port 143

A

IMAP4

27
Q

Port 161/162

A

SNMP

28
Q

Port 389

A

LDAP

29
Q

Port 636

A

Secure LDAP

30
Q

Port 1701

A

L2TP

31
Q

Port 1812

A

RADIUS

32
Q

Port 3389

A

RDP

33
Q

Port 49

A

TACACS+

34
Q

IPv4

A
32-bit addresses
Classes:
* A - 0-127
* B - 128-191
* C - 192-223
* D - 227-239
* E - 240-255
Subnetting/CIDR

Private IP Addresses:
* A - 10.0.0.0 - 10.255.255.255
* B - 172.16.0.0 - 172.31.255.255
* C - 192.168.0.0 - 192.168.255.255

35
Q

Blind FTP

A

User cannot see names of files in the directory

36
Q

Anonymous FTP

A

Login = “anonymous”, password is usually an email address

Limited privileges

37
Q

IPv6

A

79 octillion addresses
128 bits: 8 blocks (4 hexadecimal digits)
Zero Compression ::
Link-Local: fe80

38
Q

SFTP

A

Secure FTP

Uses SSH (TCP port 22)

39
Q

FTPS

A

FTP over SSL
Uses SSL/TLS for security
Two Modes:
* FTPS: Implicit - SSL/TLS negotiated before FTP data is sent
* FTPES: Explicit - Client has control over what is encrypted

40
Q

SSH

A

Secure Shell

Secures remote access and remote terminal communication
Secure replacement for Telnet/FTP
Symmetric cryptography
Uses TCP port 22

SSH Suite: SCP, SSH, SFTP, Slogin

41
Q

SNMP

A

Simple Network Management Protocol

Manage/monitor devices in network
Application layer
Ability to send traps (alerts the server if something happens)

TCP Port 161/162

42
Q

NetBIOS

A

Naming convention for resources
Broadcast oriented network protocol
Disable to reduce null sessions

Ports 137, 138, 139, 445

43
Q

NetBEUI

A

NetBIOS Extended User Interface

Transports NetBIOS traffic on a LAN
Non-routable
Traffic easily intercepted

44
Q

WINS

A

Windows Internet Naming Service

Translates NetBIOS names to IP addresses
Pre-Windows 2000
Runs as a service on a server

45
Q

DNS

A

Domain Name Service

Translate FQDN to IP address

46
Q

Local Host File

A

Stores info on nodes in a network
Maps hostnames to IP addresses
Supplements DNS

47
Q

DNS Zones

A

Portion of the DNS domain space for which the server is responsible.

UDP 53 for queries
TCP 53 for zone transfers

48
Q

Zone Transfers

A

Publishes information about the domain and the name servers of any subordinate domains.

49
Q

DNS Record Types (4)

A

A/AAAA - Returns IPv4/6 address
CERT - Certificate Record
MX - Mail Exchange
NS - Name Server

50
Q

DNS Poisoning

A

Incorrect DNS data

Redirects to incorrect sites

51
Q

Domain Name Kiting

A

Process of registering a domain name and using it during the 5-day grace period, then not paying at the end of the 5 days.

Tasting=legit
Kiting=taking advantage

52
Q

RDP

A

Remote Desktop Protocol

Allows user to control a networked computer
Software: RDC or TSC (terminal services client)
Port should always be blocked

TCP port 3389

53
Q

PPP

A

Point-to-Point Protocol/Tunneling Protocol
Remote connection over serial/dial-up connection
No encryption
EAP, CHAP, or PAP Authentication

54
Q

L2F

A

Layer 2 Forwarding (Cisco)

Used for Dial up

Authentication, no data encryption
Mutual authentication
Operates at layer 2

UDP port 1701

55
Q

PPTP

A

Point-to-Point Tunneling Protocol (Microsoft)
Encapsulates and encrypts PPP packets
Negotiation in the clear
* only after negotiation is channel encrypted
* uses MPPE to encrypt data
Authentication: PAP, CHAP, MS-CHAP, EAP-TLS
Operates at Layer 2
TCP Port 1723

56
Q

L2TP

A

Layer 2 Tunneling Protocol
Hybrid of PPTP and L2F
No data encryption
* uses IPsec to provide data encryption/integrity
Authentication: PAP, CHAP, MS-CHAP, or EAP-TLS
Operates at Layer 2
Uses UDP port 1701

57
Q

VPN

A

Virtual Private Network

Private network connection over a public network
Can provide security
Established via Tunneling Protocols:
* L2TP - IPsec
* PPTP (MPPE)
58
Q

IPSec

A
Internet Protocol Security
Widely deployed VPN tech
Requirement for IPv6
Can encrypt any traffic supported by IP
Both encryption and authentication
Used with L2TP or alone
Requires either certs or pre-shared keys
Operates at Layer 3

TCP port 500

59
Q

2 Modes of Communication for IPSec

A

“Transport on the LAN and Tunnel on the WAN”

Transport - end to end encryption of data
Packet data is protected but header is not

Tunnel - used for link-to-link communication
Both packet contents and the header are encrypted

Memory Aid: Semi trucks open road vs in a tunnel

60
Q

IPsec Protocols

A

Authentication Header (AH)

  • Offers authentication/integrity
  • HMAC with SHA-1 or MD5
  • IP protocol #51
  • Incompatible with NAT

Encapsulating Security Payload (ESP)

  • Offers authentication, integrity and confidentiality
  • Uses AES, 3DES, or DES
  • IP protocol #50
61
Q

SA

A

IPSec Security Association

  • Authenticates and negotiates end users and manages secret keys
  • Established by IKE (tries forever, no TTL) or manual user configuration
  • Unidirectional (trust from both sides)
62
Q

ISAKMP

A

Internet Security Association and Key Management Protocol

Part of IPSec

Defines procedures and packet formats
* Establish, negotiate, modify and delete Security Associations
Defines payloads
Typically uses IKE for key exchange. Other methods can be used

UDP port 500

63
Q

IKE

A

Internet Key Exchange

Standard automated method for negotiating shared secret keys in IPsec

Generates, exchanges and manages keys
Supports pre-shared keys and X.509 certs
Built on ISAKMP and Oakley

UDP port 500

64
Q

Oakley Key Determination

A

Key agreement protocol

65
Q

802.1W

A

RSTP/Rapid Spanning Tree Protocol

66
Q

802.1D

A

STP/Spanning Tree Protocol

Default on switches

67
Q

802.1S

A

MSTP/Multiple Spanning Tree Protocol

68
Q

802.1Q

A

VLAN Protocol

* Helps decide which VLAN you belong to

69
Q

ACL

A

Access Control List

Rule-based access control set to regulate traffic
Applied to inbound and/or outbound traffic
Usually simple packet filtering by:
* Source/Destination IP address
* Ports
* Protocol
Last line: Implicit deny statement
List rules from specific to general
Standard (source address) 1-99
* 0.0.0.0 = wildcard subnet mask
Extended (protocols/destinations) 100-199
* Permission, Protocol, Source, Destination
70
Q

Firewall Rules

A

Allows computer to send/receive traffic from programs, system services, computers or users.

Created for both inbound and outbound traffic

71
Q

Packet Filtering Firewall

A

Filters traffic to specific address based on IP header
Compared against ACL
Works at Layer 3

72
Q

Stateful Inspection Firewall

A

Tracks each connection
May examine header info and/or contents of packet
Filtering based on rules and on context established by prior packets
Works at Layers 3 and 4

73
Q

Application Level Gateway

A

Traffic evaluated by user, group policies, etc.
Slowest form of firewall
Works at Layer 7

74
Q

Circuit Level Proxy

A

Monitors traffic between trusted and untrusted hosts via a virtual circuit
Filtering based on sessions rather than content
Works at Layer 5

Eg. PuTTY

75
Q

SOCKS

A

Network protocol designed to allow clients to communicate with internet servers through a firewall

76
Q

Proxy Server

A

Border device to protect security zones

77
Q

One-to-One Address Mapping

A

NAT

78
Q

Many-to-One Address Mapping

A

PAT

79
Q

Bastion Host

A

Any hardened system located in the DMZ

80
Q

Extranet

A

Segment of your network set aside for trusted partners or organizations

Out on the Internet, not in the DMZ or intranet

81
Q

VPN Concentrator

A

Device that handles large number of VPN tunnels

SSL or IPSec

82
Q

Flood Guards

A

Network device (firewall/router) that has the ability to prevent some flooding DoS attacks

83
Q

Failover cluster

A

Group of independent computers that work together to increase availability of applications and services

84
Q

Where is the best place to put an IDS?

A

Behind the firewall

85
Q

IDS Methods

A

Signature-based:
* Evaluates based on database of signatures written by the vendor

Anomaly-based (Heuristic):

  • Looks for unexpected events
  • Must learn what activities are normal and acceptable
86
Q

NAC

A

Network Access Control

Evaluates a system's security status before it connects to the network
Anti-virus status
System update level
Configuration settings
Software firewall enabled
87
Q

WTLS

A

Wireless Transport Layer Security

Security layer for WAP
Provides authentication, encryption and data integrity
* Class 1: Anonymous authentication
* Class 2: Server authentication
* Class 3: Mutual client/server authentication
Used in older versions of WAP
TLS replaced WTLS

88
Q

Rogue Access Points

A

WAP installed on a secure company network without authorization, or one created to allow a cracker to conduct a man-in-the-middle attack.

Discovering: War Driving tools (Flying Squirrel, AirSnort, etc.)

89
Q

Ransomware/Ransoming

A

Someone hacks in and encrypts your information, then emails asking for a ransom.

90
Q

Bluebugging

A

Take control of a Bluetooth device for personal gain

91
Q

Bluejacking

A

Sending of unsolicited messages over Bluetooth.

92
Q

Bluesnarfing

A

Theft of information from a Bluetooth device

93
Q

Packet Sniffing

A

Capture all data that passes through network
Can be wired or wireless
Plaintext data

Tools: Wireshark, Cain and Abel, snoop, Kismet, etc.

94
Q

Promiscuous Mode

A

Sniffer is capable of capturing ALL packets traversing the network.

95
Q

Hypervisor

A

Controls virtualization technology

Two Types:

  • Type 1 (native, bare-metal)
    • runs directly on the host’s hardware
  • Type 2 (hosted)
    • software application running within a conventional OS