Networking & Protocols Flashcards

1
Q

CHAP

A

Challenge Handshake Authentication Protocol

Protocol used by VPN servers to validate identity of remote clients. Uses a three-way handshake process:

  1. Server challenges the client
  2. Client responds with hashed combo of the challenge nonce and a shared secret
  3. Server checks response and if correct, grants client access

Protects against replay attacks by periodically reverifing client using a different challenge value.

Stronger than PAP b/c doesn’t send pwd in plain-text but not as strong as MS-CHAP v2.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

WAP

A

Wireless Access Point/Access Point (AP)

A networking hardware device that allows other Wi-Fi devices to connect to a wired network. See AP.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

PAP

A

Password Authentication Protocol

Used with Point-to-Point Protocol (PPP) to authenticate clients.

Significant weakness becuase sends passwords over network in cleartext. Used as last resort.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

WEP

A

Wired Equivalent Privacy

  • Designed to give wireless networks the same level of privacy protection as a comparable wired network
  • Easy to determine key using readily available tools
  • Deprecated
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

SFTP

A

Secure File Transfer Protocol

  • Secure implementation of FTP
  • Extension of SSH
  • Uses SSH to transmit files in encrypted format
  • Uses TCP port 22
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

L2TP

A

Layer 2 Tunneling Protocol

  • Protocol used to support VPNs or as part of the delivery of services by ISPs
  • Does not provide any encryption or confidentiality of content by itself
  • Usually implemented with IPsec for encryption
  • Uses UDP port 1701
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

LEAP

A

Lightweight Extenisible Authentication Protocol

Cisco Systems’ proprietary Extensible Automation Protocol implementation.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

WPA

A

WiFi Protected Access

  • Interim replacement for WEP
  • Uses TKIP (Temporal Key Integrity Protocol) which dynamically generates a 128-bit key
  • Susceptible to attacks:
    • password-cracking attack, especially when a weak passphrase is used
    • disassociation attack
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

SMTPS

A

Simple Mail Transfer Protocol Secure

  • Secures SMTP with TLS
  • Provide authentication of the communication partners, as well as data integrity and confidentiality
  • Uses TCP port 587, sometimes port 465
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

CCMP

A

CCM Mode Protocol (Counter Mode CBC Message Authentication Code Protocol)

  • An encryption protocol based on AES and used with WPA2 for wireless network security
  • More secure than TKIP (Transient Key Integrity Protocol), which was used with the original release of WPA.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

PAT

A

Port Address Translation

Feature on network devices that translates private IP addresses into the public IP address using port numbers.

Uses IPv4 address but with port number

It has two types:

  • static
  • overloaded PAT
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

IP

A

Internet Protocol

  • Protocol for routing and addressing packets of data so that they can travel across networks and arrive at the correct destination
  • Defines packet structures to encapsulate the data to be delivered
  • Defines addressing methods that are used to label the data with source and destination information.
  • IPv4 dominent protocol of the internet
  • Does not guarantee delivery or acknowledge whether data has been received or corrupted.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

TKIP

A

Temporal Key Integrity Protocol

  • Interim solution to replace WEP without requiring the replacement of legacy hardware
  • Used with WPA
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

MMS

A

Multimedia Message Service

A method used to send text messages. It is an extension of SMS and supports sending multimedia content.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

WPA2

A

WiFi Protected Access 2

  • Wireless security protocol that permanently replaces WEP and WPA
  • Supports AES encryption through CCMP (Counter Mode/MAC Protocol) with 128-bit encryption key
  • 2 modes:
    • Pre-shared Key (PSK)/Open Mode - anonymous user access with PSK or passphrase, authorization without authentication
    • Enterprise Mode - forces users to authenticate with unique credentials
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

SNMP

A

Simple Network Management Protocol

  • An application-layer service used to exchange information between network devices
  • Uses 2 ports:

161 - manager communication with agents

162 - unsolicited messages from agent to manager (trap)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

EAP-TLS

A

EAP-Transport Layer Security

An extension of EAP that is sometime used with 802.1x.

One of most secure EAP standards and is widely implemented.

Requires certificates on 802.1x server and on the clients.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

ICMP

A

Internet Control Message Protocol

  • Used to test basic connectivity between devices.
  • Includes tools such as ping, pathping, and tracert.
  • Often targeted by DoS attacks so blocked by many firewalls.
  • Not typically used to exchange data between systems or used by end-user network applications.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

MS-CHAP/MS-CHAPv2

A

MS Challenge Handshake Authentication Protocol v2

Microsoft version of CHAP with improvements

MS-CHAPv2 significant improvements with ability to perform mutual authentication:

  • Client authenticates to the server
  • Server authenticates to client

Provides assurances of the server’s identity before client sends data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

VPN

A

Virtual Private Network

  • Method for providing access to a private network over a public network such as the internet.
  • VPN concentrators are dedicated devices used to provide VPN access to a large group of users
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

ISAKMP

A

Internet Security Association and Key Management Protocol

  • Protocol for establishing Security association (SA) and cryptographic keys in an Internet environment
  • Only provides a framework for authentication and key exchange
  • Designed to be key exchange independent
  • Uses UDP port 500
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

TGT

A

Ticket Granting Ticket

Part of Kerberos process

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

SOAP

A

Simple Object Access Protocol

Messaging protocol for exchanging structured information in the implementation of web services within computer networks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

POP

A

Post Office Protocol

  • An application-layer Internet standard protocol used by e-mail clients to retrieve e-mail from a mail server
  • Current version is POP3
  • Uses TCP port 110
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

STP

A

Spanning Tree Protocol

A protocol enabled on most switches that protects against switching loops. A switching loop can be caused if 2 ports of a switch are connected.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

NetBIOS

A

Network Basic Input/Output System

  • Program (API) that allows applications on different computers to communicate within a LAN
  • Uses ports 135-139
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

ESP

A

Encapsulating Security Payload

Provides origin authenticity through source authentication, data integrity through hash functions and confidentiality through IP packet encryption

Uses protocol 50

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

VoIP

A

Voice Over IP

Term used for a technology that enables telephony communications over a network by using the IP protocol

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

PEAP

A

Protected Extensible Authentication Protocol

  • Extension to EAP sometimes used with 802.1X
  • Requires a certificate on the 802.1X server.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

FTPS

A

FTP over SSL

A protocol that combines the use of FTP with additional support for TLS

Uses TCP ports:

989 - data transfer

990 - command control

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

NAT

A

Network Address Translation

  • Protocol that translates public IP addresses to private IP addresses and vice versa.
    • Static NAT: single public IP in one-to-one mapping
    • Dynamic NAT: multiple public IP address in one-to-many mapping
  • Advantages:
    • Don’t need to buy public IP addresses for all clients
    • Hides internal computers from internet
  • Not compatible with IPsec
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

DNS

A

Domain Name System

Hierarchical, decentralized service used to resolve the more recognizable host names to IP addresses

Uses TCP & UDP port 53

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q

SCP

A

Secure Copy Protocol

  • Protocol based on SSH
  • Used to copy encrypted files over a network
  • Uses TCP port 22
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q

SHTTP

A

Secure Hypertext Transfer Protocol

Obsolete alternative to HTTPS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
35
Q

802.1x

A
  • Standard for port-based Network Access Control (PNAC) and provides the protected authentication for secure n/w access
  • 802.1x networks use an authentication server like RADIUS or EAP to verify user credentials
  • User identity authenticated based on their credentials or a certificate.
  • After authentication, 802.1x open a ports for network access
  • Can be implemented in both wireless and wired networks
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
36
Q

EAP-FAST

A

EAP-Flexible Authentication via Secure Tunneling

A Cisco designed replacement for Lightweight EAP (LEAP).

EAP-FAST supports certificates but they are optional.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
37
Q

TCP/IP

A

Transmission Control Protocol/Internet Protocol

  • Suite of communications protocols used in the Internet and similar computer networks
  • TCP part has to do with the verifying delivery of the packets
  • IP part refers to the moving of data packets between nodes
  • Protocol has become the foundation of the Internet and TCP/IP software is built into most OSs
38
Q

SSL

A

Secure Sockets Layer

  • Security protocol that uses certificates for authentication and encryption to protect web communication
  • Considered deprecated
39
Q

HTTP

A

Hypertext Transfer Protocol

  • Protocol that defines the interaction between a web server and a browser.
  • Uses port 80
40
Q

IKE

A

Internet Key Exchange

Protocol used to set up a security associations (SAs) in IPsec.

Uses UDP port 500

41
Q

PPP

A

Point-to-Point Protocol

A data link layer (Layer 2) communication protocol between two routers directly without any host or any other networking in between.

It can provide connection authentication transmission encryption and data compression.

42
Q

SSH

A

Secure Shell

  • Protocol for secure remote logon and secure transfer of data
  • Uses TCP port 22
43
Q

KDC

A

Key Distribution Center

  • Part of Kerberos protocol used for network authentication.
  • Issues timestamped tickets that expire.
  • aka a TGT server.
44
Q

S/MIME

A

Secure/Multipurpose Internet Mail Extensions

  • Standard for public key encryption and signing of email data
  • Provides:
    • confidentiality
    • integrity
    • authentication
    • non-repudiation.
45
Q

GRE

A

Generic Routing Encapsulation

A tunneling protocol developed by Cisco Systems that can encapsulate a wide variety of network layer protocols inside virtual point-to-point links or point-to-multipoint links over an Internet Protocol network.

46
Q

UDP

A

User Datagram Protocol

  • A communications protocol that is primarily used for establishing low-latency and loss-tolerating connections between applications on the internet.
  • It speeds up transmissions by enabling the transfer of data before an agreement is provided by the receiving party.
47
Q

EAP-TTLS

A

Extensible Authentication Protocol-Tunneled Transport Layer Security

  • Extension of EAP sometimes used with 802.1x
  • Encrypts user credentials when they enter their user name and password when used with RADIUS or CHAP password
  • It allows systems to use some older authentication methods such as PAP within a TLS tunnel.
  • Requires certificates on 802.1x server and but not on the clients.
48
Q

Diameter

A

Centralized AAA protocol for computer networks

Designed to overcome limitations of RADIUS and supports many add’l capabilities such as:

  • Securing transmissions with EAP, IPsec, or TLS
  • Using TCP and SCTP instead of UDP

Provides upgrade path for RADIUS

49
Q

PPTP

A

Point-to-Point Tunneling Protocol

  • Obsolete method for implementing VPNs that has many well known security issues
  • Uses port 1723
50
Q

SMB

A

Server Message Block

  • Communication protocol for providing shared access to files, printers, and serial ports between nodes on a network
  • Provides an authenticated inter-process communication
  • Commonly used on Windows networks
51
Q

WPS

A

WiFi Protected Setup

  • Feature of WPA and WPA2
  • Allows WIFI setup based on an 8-digit PIN
  • Not secure and usage strongly discouraged
52
Q

NAC

A

Network Access Control

Provides continuous security monitoring by inspecting computers and preventing them from accessing network if don’t pass inspection

Can inspect health of VPN clients

Use authentication (health) agents to perform host health checks to ensure:

  • AV up to date
  • OS up to date
  • Firewall enabled

If client doesn’t pass check, NAC either redirects them to remediation (quarentine) network or prevents access completely

2 types of agents:

  • Permanent (persistent): installed on client and stays there
  • Dissolvable: downloaded and run on client when they login remotely and remove themselves after check passed or client logs out. Used mainly with mobile devices with BYOD policy
53
Q

TACACS+

A

Terminal Access Controller Access-Control System Plus

  • AAA authentication protocol that provides central authentication for remote access clients
  • Originally developed by Cisco this now an open standard
  • Can be used as an alternative to RADIUS
  • Uses port 49
54
Q

Virtualization

A

Technology that allows you to host multiple virtual machines on a single physical system

Different types include:

  • Type I
  • Type II
  • Container
55
Q

IGRP

A

Interior Gateway Routing Protocol

A proprietary distance-vector routing protocol developed by Cisco as an improvement over RIP and RIP v2.

56
Q

NTP

A

Network Time Protocol

  • Protocol for clock synchronization between computer systems in a network
  • Uses port 123
57
Q

BIOS

A

Basic Input/Output System

A program installed on Windows computers in the EPROM and is accessed before OS is loaded.

Checks all h/w connections and locates all devices, then loads the OS into memory.

Can be used as computer’s firmware interface to manipulate different settings such as:

  • Date & time
  • Boot drive
  • Access pwd
58
Q

hypervisor

A

Software that creates, runs, and manages VM

2 types of hypervisors:

  • Type I - runs directly on the hardware, aka bare bones virtualization
  • Type II - runs as s/w within host OS

Several virtualization technologies exist:

  • VMware pdts
  • Microsoft Hyper-V pdts
  • Oracle VM VirtualBox
59
Q

SSID

A

Service Set Identifier

Name of the wireless network on a WAP

Default is to broadcast name; can turn off broadcast but doesn’t provide much security

60
Q

EAP

A

Extensible Authentication Protocol

A wireless authentication protocol that enables systems to use hardware-based identifiers such as fingerprint scanners or smart card readers for authentication.

61
Q

RTP

A

Real-time Transport Protocol

  • Protocol for delivering audio and video over IP networks
  • Used in communication and entertainment systems that involve streaming media:
    • telephony
    • video teleconference
  • Uses ports 5004 and 5005
62
Q

WTLS

A

Wireless TLS

  • Security level for Wireless Application Protocol (WAP) applications
  • Developed to provide adequate authentication, data integrity, and privacy protection mechanisms
63
Q

DHCP

A

Dynamic Host Configuration Protocol

A protocol used to dynamically assign an IP address and other network configuration parameters to each device on the network, so they can communicate with other IP networks.

Uses UDP ports:

67 - server

68 - client

64
Q

TSIG

A

Transaction Signature

  • Enables the Domain Name System (DNS) to authenticate updates to a DNS database
  • It is most commonly used to update Dynamic DNS or a secondary DNS server
  • Uses shared secret keys and one-way hashing to provide a cryptographically secure means of authenticating each endpoint of a connection
65
Q

FTP

A

File Transfer Protocol

A communications protocol that enables the transfer of files between a user’s workstation and a remote host.

Transfer done in cleartext

Uses TCP ports:

20 - data transfer

21 - command control

66
Q

IPSec

A

Internet Protocol Security

Secure network protocol suite that authenticates and encrypts packets of data to provide secure encrypted communication between two computers

2 main components:

  1. Authentication Header (AH) - allows each of the 2 hosts to authenticate with each other before exchanging data, uses protocol 51
  2. Encapsulating Security Payload (ESP) - provides origin authenticity through source authentication, data integrity through hash functions and confidentiality through IP packet encryption; uses protocol 50

Supports 2 modes:

  1. Tunnel mode - encrypts entire IP packet in internal network and is used with VPN
  2. Transport mode - encrypts the payload but not the IP address; used in private networks;

IPsec and IKE

  • Uses IKE over port 500 to authenticate clients in the IPsec conversation
  • Creates security associations (SAs) for the VPN to setup a secure channel between client and VPN server
67
Q

SMS

A

Short Message Service

68
Q

Container Virtualization

A

Also known as application cell virtualization. Runs services or applications within isolated containers.

Does not have own OS/kernel

Advantages:

  • Uses fewer resources
  • More efficient

Disadvantages: must use host OS

69
Q

LDAPS

A

LDAP Secure

  • Protocol that uses TLS encryption to protect LDAP transmissions
  • Uses port 636
70
Q

TLS

A

Transport Layer Security

Security protocol that uses certificates and public key cryptography for mutual authentication and data encryption over a TCP /IP connection

71
Q

RDP

A

Remote Desktop Protocol

  • Proprietary protocol developed by Microsoft
  • Provides a graphical interface for a user to connect to another computer over a network connection
  • Uses port 3389
72
Q

SMTP

A

Simple Mail Transfer Protocol

  • Internet standard communication protocol for electronic mail transmission
  • Mail servers and other message transfer agents use SMTP to send and receive mail messages
  • Email clients use SMTP to send messages to a mail server for relaying
  • SMTP servers use TCP port 25
73
Q

SIP

A

Session Initialization Protocol

  • Signaling protocol that enables VoIP
  • Defines the messages sent between endpoints and manages elements of a call
  • Supports voice calls, video conferencing, instant messaging, and media distribution
  • Vulnerable to attack
74
Q

EIGRP

A

Enhanced Interior Gateway Routing Protocol

An improvement over IGRP that includes features that support variable length subnet masking (VLSM) and classfull and classless sub net masks.

75
Q

ARP

A

Address Resolution Protocol

  • Communications protocol for mapping an IP address to the physical address (MAC) of a computer connected to a n/w
  • At n/w gateway, ARP converts the IP address to a MAC address by a table lookup
  • If address not found, ARP broadcasts request packet to all n/w machines on n/w to find IP owner
  • If a valid system is located, data is relayed to the gateway and ARP cache is updated.
  • Subject to spoofing and poisoning attacks
76
Q

Kerberos

A
  • Network authentication mechanism used with Windows Active Directory domains and some Unix environments (realms)
  • Clients obtain time-sensitive tickets from the Kerberos Key Distribution Center (KDC) and present them to servers when connections are established
  • Kerberos tickets represent the client’s network credentials.
  • Kerberos can also be used to establish Single Sign-On (SSO)
77
Q

SIPS

A

Session Initialization Protocol Secure

Security mechanism that sends SIP messages over a TLS encrypted channel

78
Q

AH

A

Authentication Header

  • Component of the IPSec protocol
  • Allows each of the hosts in the IPsec conversation to authenticate with each other before exchanging data
  • Uses a hash function and a shared secret key to provide integrity
  • Uses protocol # 51
79
Q

RADIUS

A

Remote Authentication Dial-in User Server

  • AAA protocol for providing centralized authentication and authorization services for remote users
  • Uses ports 1812 and 1813
80
Q

PSK

A

Pre-Shared Key

A string of text that a VPN or other network service expects to receive prior to any other credentials.

In the context of WPA/2-Personal the key is generated from the wireless password

81
Q

LDAP

A

Lightweight Directory Access Protocol;

  • Protocol used to communicate with directories such as MS Active Directory
  • Based on an earlier version of X.500
  • Windows Active Directory domains and Unix realms use LDAP To identify objects in query strings using codes such as CN=Users, DC=Server 1, and DC=Com
  • Uses port 389
82
Q

API

A

Application Programming Interface

  • A computing interface that defines interactions between multiple software intermediaries.
  • Potential attack vector.
83
Q

SRTP

A

Secure Real-time Transport

  • Protocol that provides audio and video streaming media over a TCP /IP network.
  • Uses encryption services to uphold the authenticity and integrity of streaming media as well as to protect against replay attacks
84
Q

IMAP4

A

Internet Message Access Protocol v4

  • Protocol used by email clients to retrieve incoming email messages from a mail server over a TCP/IP connection
  • Uses port 143
85
Q

DNSSEC

A

Domain Name System Security Extensions

A suite of extensions to DNS used to protect the integrity of DNS records and prevent some DNS attacks.

Provides the following:

  • Cryptographic authentication of DNS data
  • Authenticated denial of existence
  • Data integrity
86
Q

IRC

A

Internet Relay Chat

  • A protocol for real-time text messaging between internet-connected computers
  • Mainly used for group discussion in chat rooms
  • Also supports:
    • private messages between two users
    • data transfer
    • various server-side and client-side commands
87
Q

REST

A

Representational State Transfer

  • Software architecture that uses a subset of HTTP.
  • Commonly used to create interactive applications that use web services
  • REST-compliant systems are characterized by:
    • Use of a statelessness (doesn’t store any information about the client on the server side
    • Client and server
  • REST-compliant systems are often called RESTful
88
Q

CSU

A

Channel Service Unit

A digital communication device used to connect a digital line to a digital device.

CSUs can be used to link a LANs to a WAN using telecommunications carrier services.

89
Q

TFTP

A

Trivial File Transfer Protocol

  • Insecure limited version of FTP
  • Used primarily to automate the process of configuring boot files between computers
  • Uses UDP port 69
90
Q

HTTPS

A

Hypertext Transfer Protocol Secure

  • Protocol that uses TLS to encrypt HTTP traffic
  • Uses TCP port 443
91
Q

MIME

A

Multipurpose Internet Mail Extensions

An extension of SMTP that enables the exchange of audio video images applications and other data formats through email

92
Q

MPLS

A

Multi-Protocol Label Switching

  • Network routing technique that directs data from one node to the next based on short path labels rather than long network addresses.
    • Avoids complex lookups in a routing table
    • Speeds up traffic flows
  • Labels provide virtual links between nodes rather than endpoints