SSL Flashcards

1
Q

If you manage hundreds of server farms, how do you maintain the security and encryption of data going through the network?

A

SSL Accelerators

Asymmetric encryption is computationally expensive and requires heavy CPU usage.

2
Q

SSL Handshake?

A

SSL requires symmetric encryption between browser and server, but asymmetric encryption to secure the connection; hence the SSL handshake.

3
Q

SSL Offload

A

An SSL accelerator offloads the process to a separate device instead of using the server; this is known as SSL offloading / SSL termination.

Encrypted comms may end at the offloading device, and traffic beyond that point may be sent in the clear.

4
Q

SSL Decryption

A

Decrypt the information, examine it for a malicious payload, then re-encrypt it and send it on its way. Decryption depends on trust between your browser and the third-party site; without that trust there would be no decryption. It all starts with the browser: the browser has a list of trusted CAs. The browser doesn’t trust a website unless a CA has signed the web server’s encryption certificate; the website pays money to the CA for this.
The CA performs checks to make sure the certificate goes to the appropriate person; it also carries out checks such as validation against the DNS record or a phone call.

The browser checks the web server’s certificate; if it’s signed by a CA, encryption works!

5
Q

SSL Proxy

A

In order to decrypt the information going to the third-party website, you have to perform a proxy function. This is done via a FW or proxy. The user sends a request to the proxy, and the proxy performs URL filtering. The proxy intercepts, acts as the sender, and sends the request to the website.
It carries out the SSL handshake. The website responds with its cert. The proxy checks the site’s certificate with the external CA, and it is marked OK. The proxy creates a GET request to the website, and the website responds with "here I am" (200 OK).
The proxy re-signs the website with its own self certificate so the host can recognise and trust it. The proxy re-encrypts with the key and sends the website to the host. LOOK AT PHOTO 28/01/2020.

6
Q

Hardware security module

A

Cryptographic hardware; backs up keys and keeps them secure; can act as an SSL endpoint.

7
Q

Media gateway - look into this again

A

Converts between PSTN and VoIP. ISDN on one side, Ethernet on the other side. If someone gains access to this device, they can disable all comms (DoS).

They can also make outbound malicious/spam calls or listen in on corporate communications.
