Protocols and Ports Flashcards

1
Q

SRTP

A
  • secure real-time transport protocol is used to secure VoIP communications
  • provides encryption, message authentication, integrity and protection against replay attacks for real-time transport protocol (RTP)
  • uses AES as the default cipher
  • uses UDP port 5004
2
Q

SSH

A
  • secure shell encrypts traffic in transit and can be used to encrypt other protocols such as FTP
  • can create a secure channel between two computers or network devices to enable one device to control the other device (remote administration)
  • when SSH encrypts traffic, it uses TCP port 22
3
Q

SSL

A
  • secure sockets layer was the primary method used to secure HTTP traffic as HTTPS
  • SSL can also encrypt other types of traffic such as SMTP and LDAP
  • it has been compromised and is not recommended for use
4
Q

TLS

A
  • transport layer security protocol is the designated replacement for SSL
  • designed to operate on top of another protocol such as TCP, UDP, LDAP
5
Q

SFTP

A
  • secure file transfer protocol is a secure implementation of FTP
  • it is an extension of SSH using SSH to transmit files in an encrypted format
  • transmits data using TCP port 22
6
Q

FTPS

A
  • file transfer protocol secure is an extension of FTP and uses TLS to encrypt FTP traffic
  • some implementations of FTPS use TCP ports 989 and 990
  • can also encrypt traffic over the FTP TCP ports 20 and 21
7
Q

DNSSEC

A
  • domain name system security extensions is used to provide validation for DNS responses
  • it adds a digital signature to each record that provides data integrity
8
Q

S/MIME

A
  • secure/multipurpose internet mail extensions is used to digitally sign and encrypt email
  • uses RSA for asymmetric encryption and AES for symmetric encryption
  • can encrypt email at rest (stored on a drive) and in transit (data sent over the network)
  • because it uses RSA for asymmetric encryption, it requires a PKI to distribute and manage certificates
9
Q

LDAPS

A
  • lightweight directory access protocol secured uses encryption to protect LDAP transmissions
  • when a client connects with a server using LDAPS, the two systems establish a TLS session before transmitting any data
  • TLS encrypts the data before transmission using TCP port 636
10
Q

LDAP

A
  • lightweight directory access protocol
  • uses TCP port 389 for unencrypted traffic
11
Q

SNMPv3

A
  • simple network management protocol v3 monitors and manages network devices such as routers or switches
  • can use SNMPv3 to modify the configuration of devices or have network devices report status back to a central network management system
  • uses UDP port 161
12
Q

HTTPS

A
  • hypertext transfer protocol secure encrypts web traffic to ensure it is secure while in transit
  • HTTPS is encrypted with either SSL or TLS and it uses TCP port 443
13
Q

Secure POP

A
  • secure post office protocol encrypts email transmissions with SSL or TLS and can use TCP port 995
  • STARTTLS is now recommended to create a secure connection on port 110
14
Q

Secure IMAP

A
  • internet message access protocol is used to store email on an email server
  • IMAP allows a user to organize and manage email in folders on the server
  • IMAP uses TCP port 143
  • IMAP with SSL or TLS can use TCP port 993 but STARTTLS is recommended using the same TCP port 143
15
Q

WPA

A
  • Wi-Fi protected access provided a replacement for wired equivalent privacy (WEP)
  • originally used TKIP which was compatible with older hardware
  • later implementations support AES encryption
16
Q

WPA2

A
  • Wi-Fi protected access 2 is the permanent replacement for WPA
  • WPA supports CCMP (based on AES) which is stronger than the older TKIP protocol
  • CCMP should be used instead of TKIP
17
Q

CCMP

A
  • counter mode with cipher block chaining message authentication protocol
  • used with WPA2 and AES
18
Q

TKIP

A
  • temporal key integrity protocol is an older encryption protocol used with WPA
  • TKIP and WPA have been deprecated
  • TKIP didn’t require new hardware
19
Q

EAP

A
  • extensible authentication protocol is a framework of protocols that allows for numerous methods of authentication including passwords, digital certificates, and public key infrastructure
  • provides a method for 2 systems to create a secure encryption key, also known as a pairwise master key (PMK)
20
Q

PEAP

A
  • protected extensible authentication protocol provides an extra layer of protection for EAP
  • PEAP encapsulates and encrypts the EAP conversation in a TLS tunnel
  • PEAP requires a certificate on the server, but not the clients
  • Supports mutual authentication by using server certificates and Microsoft’s Active Directory to authenticate a client’s password
21
Q

EAP-FAST

A
  • extensible authentication protocol flexible authentication via secure tunneling
  • Provides flexible authentication via secure tunneling (FAST) by using a protected access credential instead of a certificate for mutual authentication
  • designed to replace LEAP which was used with WEP which is no longer in use
22
Q

EAP-TLS

A
  • extensible authentication protocol over transport layer security
  • requires certificates on the 802.1x server and on each of the wireless clients
23
Q

EAP-TTLS

A
  • extensible authentication protocol tunneled transport layer security is an extension of PEAP allowing systems to use some older authentication methods such as password authentication protocol (PAP) within a TLS tunnel
  • requires a certificate on the 802.1x server but not the clients
  • uses a server-side digital certificate and a client-side password for mutual authentication
24
Q

IEEE 802.1x

A
  • 802.1x server provides port-based authentication, ensuring only authorized clients can connect to a network (port-based network access control)
  • can be used in conjunction with a central database such as RADIUS, LDAP, TACACS+