Protocols and Ports Flashcards
1
Q
SRTP
A
- secure real-time transport protocol is used to secure VoIP communications
- provides encryption, message authentication, integrity and protection against replay attacks for real-time transport protocol (RTP)
- uses AES as the default cipher
- uses UDP port 5004
2
Q
SSH
A
- secure shell encrypts traffic in transit and can be used to encrypt other protocols such as FTP
- can create a secure channel between two computers or network devices to enable one device to control the other device (remote administration)
- when SSH encrypts traffic, it uses TCP port 22
3
Q
SSL
A
- secure sockets layer was the primary method used to secure HTTP traffic as HTTPS
- SSL can also encrypt other types of traffic such as SMTP and LDAP
- it has been compromised and is not recommended for use
4
Q
TLS
A
- transport layer security protocol is the designated replacement for SSL
- designed to operate on top of another protocol such as TCP, UDP, LDAP
5
Q
SFTP
A
- secure file transfer protocol is a secure implementation of FTP
- it is an extension of SSH, using SSH to transmit files in an encrypted format
- transmits data using TCP port 22
6
Q
FTPS
A
- file transfer protocol secure is an extension of FTP and uses TLS to encrypt FTP traffic
- some implementations of FTPS use TCP ports 989 and 990
- can also encrypt traffic over the FTP TCP ports 20 and 21
7
Q
DNSSEC
A
- domain name system security extensions is used to provide validation for DNS responses
- it adds a digital signature to each record that provides data integrity
8
Q
S/MIME
A
- secure/multipurpose internet mail extensions is used to digitally sign and encrypt email
- uses RSA for asymmetric encryption and AES for symmetric encryption
- can encrypt email at rest (stored on a drive) and in transit (data sent over the network)
- because it uses RSA for asymmetric encryption, it requires a PKI to distribute and manage certificates
9
Q
LDAPS
A
- lightweight directory access protocol secured uses encryption to protect LDAP transmissions
- when a client connects with a server using LDAPS, the two systems establish a TLS session before transmitting any data
- TLS encrypts the data before transmission using TCP port 636
10
Q
LDAP
A
- lightweight directory access protocol
- uses TCP port 389 for unencrypted traffic
11
Q
SNMPv3
A
- simple network management protocol v3 monitors and manages network devices such as routers or switches
- can use SNMPv3 to modify the configuration of devices or have network devices report status back to a central network management system
- uses UDP port 161
12
Q
HTTPS
A
- hypertext transfer protocol secure encrypts web traffic to ensure it is secure while in transit
- HTTPS is encrypted with either SSL or TLS and it uses TCP port 443
13
Q
Secure POP
A
- secure post office protocol encrypts email transmissions with SSL or TLS and can use TCP port 995
- STARTTLS is now recommended to create a secure connection on port 110
14
Q
Secure IMAP
A
- internet message access protocol is used to store email on an email server
- IMAP allows a user to organize and manage email in folders on the server
- IMAP uses TCP port 143
- IMAP with SSL or TLS can use TCP port 993 but STARTTLS is recommended using the same TCP port 143
15
Q
WPA
A
- Wi-Fi protected access provided a replacement for wired equivalent privacy (WEP)
- originally used TKIP which was compatible with older hardware
- later implementations support AES encryption
16
Q
WPA2
A
- Wi-Fi protected access 2 is the permanent replacement for WPA
- WPA supports CCMP (based on AES) which is stronger than the older TKIP protocol
- CCMP should be used instead of TKIP
17
Q
CCMP
A
- counter mode with cipher block chaining message authentication protocol
- used with WPA2 and AES
18
Q
TKIP
A
- temporal key integrity protocol is an older encryption protocol used with WPA
- TKIP and WPA have been deprecated
- TKIP didn’t require new hardware
19
Q
EAP
A
- extensible authentication protocol is a framework of protocols that allows for numerous methods of authentication including passwords, digital certificates, and public key infrastructure
- provides a method for 2 systems to create a secure encryption key, also known as a pairwise master key (PMK)
20
Q
PEAP
A
- protected extensible authentication protocol provides an extra layer of protection for EAP
- PEAP encapsulates and encrypts the EAP conversation in a TLS tunnel
- PEAP requires a certificate on the server, but not the clients
- supports mutual authentication by using server certificates and Microsoft’s Active Directory to authenticate a client’s password
21
Q
EAP-FAST
A
- extensible authentication protocol flexible authentication via secure tunneling
- provides flexible authentication via secure tunneling (FAST) by using a protected access credential instead of a certificate for mutual authentication
- designed to replace LEAP which was used with WEP which is no longer in use
22
Q
EAP-TLS
A
- extensible authentication protocol over transport layer security
- requires certificates on the 802.1x server and on each of the wireless clients
23
Q
EAP-TTLS
A
- extensible authentication protocol tunneled transport layer security is an extension of PEAP allowing systems to use some older authentication methods such as password authentication protocol (PAP) within a TLS tunnel
- requires a certificate on the 802.1x server but not the clients
- uses a server-side digital certificate and a client-side password for mutual authentication
24
Q
IEEE 802.1x
A
- 802.1x server provides port-based authentication, ensuring only authorized clients can connect to a network (port-based network access control)
- can be used in conjunction with a central database such as RADIUS, LDAP, TACACS+