Network Security Flashcards
DES
Data Encryption Standard
SYMMETRIC
● Developed in the mid-1970s
● 56-bit key
● Used by SNMPv3
● Considered weak today
3DES
3DES (Triple DES)
SYMMETRIC
● Uses three 56-bit keys (168-bit total)
● Encrypt, decrypt, encrypt
AES
AES (Advanced Encryption Standard)
SYMMETRIC
● Preferred symmetric encryption standard
● Used by WPA2
● Available in 128-bit, 192-bit, and 256-bit keys
RSA
ASYMMETRIC
Used with PKI
MD5
▪ Message Digest 5 (MD5)
● 128-bit hash digest
SHA-1
Secure Hash Algorithm 1 (SHA-1)
● 160-bit hash digest
SHA-2
Secure Hash Algorithm 256 (SHA-256)
● 256-bit hash digest
CRAM-MD5
Challenge-Response Authentication Mechanism Message Digest 5 (CRAM-MD5)
● Common variant often used in e-mail systems
RADIUS
Open standard, UDP-based authentication protocol
UDP port 1812/1813
TACACS+
Cisco-proprietary, TCP-based authentication protocol
TCP port 49
Kerberos
Authentication in Windows
Ticket-based
AUP
Acceptable Use Policy
DLP
Data Loss Prevention
System Lifecycle
● Conceptual Design
● Preliminary Design
● Detailed Design
● Production and Installation
● Operations and Support
● Phase Out
● Disposal
NGFW
NextGen Firewalls (NGFW)
▪ Third generation firewalls that conduct deep packet inspection and packet filtering
▪ Operates at higher levels of the OSI model than traditional stateful firewalls
▪ Web Application Firewalls are a good example of these, as they inspect HTTP traffic
ACL
Access Control List (ACL)
▪ Set of rules typically applied to router interfaces that permit or deny certain traffic
▪ ACL filtering criteria include:
● Source IP, Port, or MAC
● Destination IP, Port, or MAC
UTM
Unified Threat Management (UTM) Devices
▪ Device that combines firewall, router, intrusion detection/prevention system, antimalware, and other security features into a single device
▪ Agent is run on an internal client and can be queried by the UTM before allowing connection to the network
▪ UTM can be purchased as a physical device to install in your network, or you can look to a cloud solution