Securing TCP/IP

Question 1

Block Cipher

Answer 1

An encryption algorithim in which data is encrypted in “chunks” of a certain length at a time.

Question 2

DES

Answer 2

Data Encryption Standard: A symmetcic-key algorithm developed by the U.S. government in the 1970’s and formerly in use in a variety of TCP/IP applications. DES used a 64-bit block and a 56-bit key. Over time, the 56-bit key made DES susceptible to brute-force attacks.

DES

3DES

IDEA

Blowfish

Question 3

Stream Cipher

Answer 3

Takes a single bit at a time and encrypts is on-the-fly.

RC4

Question 4

AES

Answer 4

American Encryption Standard: block cipher that uses a 128-bit block size and 128-, 192-, or 256-bit key size.

Exam Tip: When in doubt on a question about symmetric algorithms, always pick AES. You’ll be right most of the time.

Question 5

Hash

Answer 5

A cryptographic hash function is a mathematical function that you run on a string of binary digits of any length that results in a value of some fixed length (often called a checksum or a message digest). No matter how long or how short the input, the hash’s message digest will always be the same length (usually around 100 to 500 bits long, depending on the type of hash your use).

Question 6

CRAM-MD5

Answer 6

Challenge-Response Authentication Mechanism-Message Digest 5

is a tool for server authentication.

Question 7

PKI

Answer 7

Public Key Infrastructure - The system for creating and distributing digital certificates using sites like Comodo, Symantec, or GoDaddy.

Question 8

Multifactor Authentication

Answer 8

Using two or more distinctly differednt methods for authentication. Generally, these methods fall into one of six categories, the first five of which you need to remember for the exam.

• something you know (username, passphrase, or PIN)
• something you have (key fob or RFID badge)
• something you are (biometrics)
• somewhere you are (requires you to be in a particular location to authenticate)
• something you do (writing your signature)

Question 9

ACL

Answer 9

Access Control List: A clearly defined list of permissions that specifies what actions an authenticated user may perform on a shared resource.

There are three types on ACL’s:

• mandatory
• discretionary
• role based

Question 10

MAC

Answer 10

Mandatory Access Control: A security model in which every resource is assigned a label that defines its security level. If the user lack that security level, they do not get access.

Question 11

DAC

Answer 11

Discretionary Access Control: authorization method based on the idea that there is an owner of a resource who may at his or her discretion assign access to that resource. DAC is considered much moure flexible that mandatory access control (MAC)

Question 12

RBAC

Answer 12

Role Based Access Control: The most popular authentication model used in file sharing, defines a user’s access to a resource based on the roles the user plays in the network encironment, This leads to the idea of creation of groups. A group in most networks is nothing more than a name that has clearly defined accesses to different resources. User accournts are placed into various groups.

Question 13

PPP

Answer 13

Point to Point Protocol: enables two point-to-point devices to connect, authenticate with a user name and password, and negotiate the network protocol the two devices will use.

PPP has two methods of authentication PAP and CHAP

Question 14

PAP

Answer 14

Passwork Authentication Protocol: simply transmits the user name and password orver the connection in plaintext.

Question 15

CHAP

Answer 15

Challenge Handshake Authentication Protocol: It has the serving system challenge the remote client, which must provide an encrypted ( hashed ) password.

latest version is MS-CHAPv2: provides the most security over PAP or CHAP

Question 16

AAA

Answer 16

Authentication , Authorization, and Accounting: A security philosophy wherein a computer trying to connect to a network must first present some form of credential in order to be authenticated and then must have limitable permissions within the network. The authenticating server should also record session information about the client.

RADIUS and TACACS+

Question 17

RADIUS

Answer 17

Remote Authentication Dial-In User Service: RADIUS consists of three devices: the RADIUS server that has access to a database of user names and passwords, a number of network access servers (NAS’s) that control the modems, and a group of systems that dial into the network.

Question 18

TACACS+

Answer 18

Terminal Access Controller Access Control System Plus: A protocol developed by Cisco to support AAA in a network with many routers and switches. It is similar to RADIUS in function, but separates AAA into different parts.

TACACS+ uses PAP, CHAP, MD5, and can use Kerberos

Question 19

IPsec

Answer 19

A network layer encryption protocol. works in two different modes: Transport mode and Tunnel mode.

In transport mode , only the actual payload of the IP packet is encrypted: the destination and source IP addresses and otheIP header information are still readable.

In Tunnel mode, the entire IP packet is encrypted and then placed into an IPsec endpoint where it is encapsulated inside another IP packet.

Question 20

SCP

Answer 20

Secure Copy Protocol: one of the first protocols used to transfer data securely between two hosts and thus might have replaced FTP.

Question 21

SFTP

Answer 21

SSH FTP (SFTP) was designed as a secure replacement for FTP. Not to be confused with FTPS, which is FTP using SSL/TLS.

Question 22

LDAP

Answer 22

Lightweight Directory Access Protocol: is the tool that programs use to query and change a database used by the network.