Security+ Chapter 3, Part 2


An insecure, plaintext method of transferring files between machines. Uses TCP port 21 to negotiate the transfer, then a higher port address to make the transfer.

FTP or File Transfer Protocol

The implementation of FTP over an SSL/TLS secured channel. TCP ports 989 and 990.

FTPS

This protocol encapsulates FC frames, enabling FC communication over 10GbE networks.

FCoE or Fibre Channel over Ethernet

The use of SSL or TLS to create an encrypted channel over which HTTP traffic is transmitted. TCP port 443. Most widely used method to secure HTTP traffic.

HTTPS or HTTP over SSL

How many bits are in an IPv6 address?

128

How many bits are in an IPv4 address?

32

What is tunneling?

A means of encapsulating packets inside a protocol that is understood only at the entry and exit points of said tunnel.

What is it and what's its port? NetBIOS

A naming system for Windows machines. TCP 137-139.

To cover both privacy and integrity in an IPsec packet, what two headers must be added to IP datagrams?

AH and ESP

What are the two IPsec protocols for providing traffic security?

AH or Authentication Header. ESP or Encapsulating Security Payload.

What does an Authentication Header (AH) do?

An AH header ensures the integrity of the data and also the authenticity of the data's origin. It protects integrity but not privacy.

What does an Encapsulating Security Payload (ESP) do?

An ESP header ensures security for higher-level protocol portions of the packet, not just the IP header. It protects privacy but not integrity.

Explain the idea of a "tunnel inside a tunnel" when referring to IPsec.

An SA exists between the two endpoint servers as a tunnel, and within that tunnel is another SA (or two SAs for bidirectional security) between the client machines.

In transport mode of IPsec, the security of packet traffic is the responsibility of ____.

Computers of the sending and receiving systems.

Protection of header information in IPsec is also called ____.

Context Protection

A protocol for the translation of names into IP addresses and vice versa. UDP port 53. It is one of the primary underlying protocols of the Internet and is involved in almost all addressing lookups.

DNS or Domain Name Service (Server)

IPsec is flexible and allows for other technologies to be used in its framework. What does it use for key exchanges between peers on a public network?

Diffie-Hellman Exchanges

IPsec is flexible and allows for other technologies to be used in its framework. What does it use as digital ID cards between parties?

Digital Certificates

What is it and what's its port? DNS

Domain Name System. TCP and UDP 53.

High-speed network technology used to connect storage to computer systems. This protocol is a transport protocol similar to TCP. High cost.

Fibre Channel or FC.

What is it and what's its port? FTP

File Transfer Protocol. TCP 21.

Hey.

Go look at the OSI Relevance chart on page 56. I seriously promise you'll be glad you did.

IPsec is flexible and allows for other technologies to be used in its framework. What is an example of a keyed hash algorithm that it uses?

HMAC (Look this up)

Application protocol that forms the basis of the Web. TCP port 80. Operates on a client/server model involving hyperlinks and browser-rendered content from a collection of referenced content.

HTTP or Hypertext Transfer Protocol

What is it and what's its port? HTTPS

Hypertext Transfer Protocol over Secure Shell (or Transport Layer Security). Sometimes referenced as HTTP-Secure but this is not technically accurate. TCP 443.

What is it and what's its port? HTTP

Hypertext Transfer Protocol. TCP 80.

Aspect of the IP suite used for diagnostics, control, and error messaging.

ICMP or Internet Control Message Protocol

IPsec is flexible and allows for other technologies to be used in its framework. What bulk encryption algorithms does it use?

IDEA and 3DES (Look these up if you're studying for the test and still not sure what they mean)

A set of protocols developed by the IETF to securely exchange packets at the network layer of the OSI model.

IPsec

What are the two IPsec protocols for providing key management and exchange?

ISAKMP or Internet Security Association and Key Management Protocol. Oakley. SKEME or Secure Key Exchange Mechanism for Internet.

What is it and what's its port? IMAP

Internet Message Access Protocol. TCP 143.

Why is it more effective to run IPsec on its own appliance than on the machines?

It requires CPU power and therefore drains the host machines.

IPsec is flexible and allows for other technologies to be used in its framework. What traditional hash algorithms does it use?

MD5 and SHA-1 for packet-level authentication.

A separate naming scheme from DNS, this is used in older Windows systems. Uses TCP and UDP ports 137, 138, 139, and 445 over a LAN for things like file and printer sharing. Largely obsolete, but shoehorned into DNS by making the names the same.

NetBIOS

An ICMP packet composed of an echo request and an echo reply.

Ping

If you need multiple internal hosts to share a single external IP address, you might use ____.

Port Address Translation, or PAT, allowing the systems to be mapped with port numbers.

Services are referenced by ____ under both TCP and UDP protocol stacks.

Ports

What is it and what's its port? POP3

Post Office Protocol, Version 3. TCP 110.

What is it and what's its port? RDP

Remote Desktop Protocol. TCP and UDP 3389.

The use of FTP over an SSH channel. Leverages the encryption protections of SSH to secure FTP transfers. Since it is using SSH, it uses TCP port 22.

SFTP

A standard for managing devices on IP-based networks. It is an application layer protocol, part of the IP suite, and can be used to monitor devices, including networking devices, computers, and more.

SNMP or Simple Network Management Protocol

An application of encryption technology developed for transport-layer protocols across the web. Replaced by TLS.

SSL or Secure Sockets Layer

File transfers between systems can be accomplished via this SSH-enabled file transfer mechanism. Because of its reliance on SSH, it uses TCP port 22.

Secure Copy Protocol or SCP

An encrypted remote terminal connection program used for remote connections to a server. TCP port 22. Uses asymmetric key encryption but usually requires the manual receipt of a server key as a form of trust.

Secure Shell or SSH

What is it and what's its port? SSH

Secure Shell. TCP 22.

Application delivery-only Platform as a Service (PaaS) offerings generally focus on scalability as well as ____.

Security

IPsec uses the term ____ as a means of describing a unidirectional combination of specific algorithm and key selection to provide a protected channel.

Security Association

What is it and what's its port? SMTP

Simple Mail Transfer Protocol. TCP 25.

____ is one of the most common protocols used in the IP suite. Maintains a connection between endpoints.

TCP or Transmission Control Protocol

IETF implementation for the employment of encryption technology. It replaces SSL, though it operates very similarly.

TLS or Transport Layer Security

Plaintext method of instantiating a command-line console to a remote machine. Uses TCP port 23. Sends all transmissions unencrypted. Replaced by SSH due to security concerns.

Telnet

Which IPsec mode encrypts only the data portion of the packet?

Transport Mode

File transfer protocol known for simplicity and lack of security mechanisms such as authentication. UDP port 69.

Trivial File Transfer Protocol or TFTP

Which IPsec mode encrypts the entire packet but can only be performed between two IPsec servers or routers because the sender has to know the destination beforehand?

Tunnel Mode

In tunnel mode of IPsec, the security of packet traffic is the responsibility of ____.

Two IPsec endpoints such as routers or servers.

What is bidirectional security in IPsec?

When IPsec (or some other protocol) is used to secure traffic to and from both systems and therefore two security associations are required.

A protocol for IP-based storage. Can be used to send data over existing network infrastructures, enabling storage area networks (SANs). Low-cost alternative to Fibre Channel storage.

iSCSI or Internet Small Computer System Interface

