SY0-501 Security+: (2.6) Given a scenario, implement secure protocols
Secure Shell (SSH)
A UNIX-based command interface and protocol for securely accessing a remote computer.
SFTP (Secure File Transfer Protocol)
A protocol available with the proprietary version of SSH that copies files between hosts securely. Like FTP, SFTP first establishes a connection with a host and then allows a remote user to browse directories, list files, and copy files. Unlike FTP, SFTP encrypts data before transmitting it.
SRTP (Secure Real-Time Transport Protocol)
A security profile for RTP that adds confidentiality, message authentication, and replay protection to that protocol. Used to secure VoIP traffic. Has minimal effect on the IP quality of the VoIP service.
Secure Protocols
A security protocol (cryptographic protocol or encryption protocol) is an abstract or concrete protocol that performs a security-related function and applies cryptographic methods, often as sequences of cryptographic primitives.
DNSSEC
A set of extensions to DNS that provide to DNS clients (resolvers) origin authentication of DNS data to reduce the threat of DNS poisoning, spoofing, and similar attack types.
SSL/TLS
An encryption layer of HTTP that uses public key cryptography to establish a secure connection.
Securing DNS
DNSSEC - Domain Name System Security Extensions, uses public-key cryptography - verify authenticity
FTPS
File Transfer Protocol Secure. Each method uses an SSL/TLS layer below the standard FTP protocol to encrypt the control and/or the data channels. FTPS, by the way, is distinguished from SSH file transfer protocol (SFTP), which is FTP over SSH.
secure file transfer
In summary, SFTP and FTPS are both secure FTP protocols with strong authentication options. Since SFTP is much easier to port through firewalls, however, we believe SFTP is the clear winner between the two. FTPS (SSL/TLS) and SFTP (SSH)
secure directory services
LDAP (Lightweight Directory Access Protocol) is an open and cross platform protocol used for directory services authentication. LDAP provides the communication language that applications use to communicate with other directory services servers. Directory services store the users, passwords, and computer accounts, and share that information with other entities on the network. LDAP over TLS offers better security. SASL - Simple authentication and security layer, provides authentication using kerberos, client certificates, etc...
secure time synchronization
NTP - network time protocol, port 123 UDP The synchronization of time on computers and networks is often vitally important. ... A mechanism is required to disseminate accurate time around a network to computers and network devices in order to maintain order. The NTP and SNTP Protocols. The Network Time Protocol (NTP) was introduced to provide just such a mechanism - NTPsec is now being tested
Secure routers and switches
SSH thru a terminal interface or SNMPv3 which ensures confidentiality, integrity, and authentication. Can interact thru a browswer using https
HTTPS (Hypertext Transfer Protocol Secure)
Secure (HTTPS) is a variant of the standard web transfer protocol (HTTP) that adds a layer of security on the data in transit through a secure socket layer (SSL) or transport layer security (TLS) protocol connection.
S/MIME
Secure/ Multipurpose Internet Mail Extensions. Used to secure e-mail. S/ MIME provides confidentiality, integrity, authentication, and non-repudiation. It can digitally sign and encrypt e-mail, including the encryption of e-mail at rest (stored on a drive) and in transit (data sent over the network). It uses RSA, with public and private keys for encryption and decryption, and depends on a PKI for certificates.
LDAPS (Lightweight Directory Access Protocol Secure)
The Lightweight Directory Access Protocol (LDAP) is used to read from and write to Active Directory. By default, LDAP traffic is transmitted unsecured. You can make LDAP traffic confidential and secure by using Secure Sockets Layer (SSL) / Transport Layer Security (TLS) technology.
Secure IMAP
Version of IMAP that uses SSL/TLS. port 993
Secure POP
Version of POP that uses SSL/TLS. port 995
securing voice and video
VoIP on a secured network or SRTP secure real-time transport protocol - uses AES to encrypt voice and video over the internet
secure web communication
When you request a HTTPS connection to a webpage, the website will initially send its SSL certificate to your browser. This certificate contains the public key needed to begin the secure session. Based on this initial exchange, your browser and the website then initiate the 'SSL handshake'. The SSL handshake involves the generation of shared secrets to establish a uniquely secure connection between yourself and the website.
SNMPv3
Which version of Simple Network Management Protocol (SNMP) is considered the most secure, SNMPv3. SNMP version 3 (SNMPv3) supports authentication and encryption.
subscription services
anti-virus/malware signatures; ips updates; malicious ip database updates, firewall updates - each subscription typically requires a different way to update which can be a headache. Use encryption and certificates to verify a subscription.
secure email and web communication
inbound - secure IMAP (port 993 -- SSL enabled), outbound - secure SMTP (port 465 -- SSL enabled). Also S/MIME is being used
Secure Remote Access
secure VPN connection between the endpoints. SSH - secure shell, encrypted connection
Secure network address allocation
use DHCP (dynamic host configuration protocol) but there is no secure version. Microsoft has added a layer of security in that a DHCP server must be authenticated MAC addresses can be spoofed and cause ip starvation
