ch 11 - topic B - 2.1 + 3.1
FTPS (FTP over SSL)
- FTP secure - also called implicit TLS - uses SSL/TLS tunnel before exchanging data
HTTPS
- HTTP secure - shown as https:// (in URL) - browser also shows padlock icon
SIPS
- SIP secure - uses certificates to authenticate endpoints - and establish TLS tunnel
SMTPS
- SMTP secure - secured using TLS - uses certificate on SMTP server
cipher suite
- algorithms supported by client and server - to perform different encryption and hashing - ex. ECDHE-RSA-AES128-GCM-SHA256 means server can use: - Elliptic Curve Diffie-Hellman Ephemeral mode (for session key agreement) - RSA signature - 128-bit AES-GCM (for symmetric bulk encryption) - 256-bit SHA for HMAC
API
- application programming interface - primary means to configure and manage web app - software-to-software interfaces - allow different applications to talk to each other - and exchange info or functionality
FTP
- file transfer protocol - FTP server configured with several public directories, hosting files, and user accounts - most HTTP servers also function as FTP servers - web servers may be installed with FTP service, account, and directories by default - not secure
HTTP
- hypertext transfer protocol - foundation of web technology - enables client to request resource from HTTP server - using URL - response and request format defined in HTTP header - HTTP payload is used to serve HTML page (text file with coded tags) - tags describe how page should be formatted - browser can interpret tags and display picture and sound in HTML page
IMAPS
- internet message access protocol secure - supports permanent connection to server - clients authenticate themselves - connect multiple clients to mailbox simultaneously - clients can sync to the server - allows client to manage mail folders on server - tells you when you have read email
subscription service type
- market and financial intelligence and info - security threat intelligence and info - referencing and training materials (ebook, video) - software and cloud service subscription
POP3S
- post office protocol v3 secure - mailbox protocol - user authenticates with username and password - developed for temporary connection (dial up) - clients connect and download mail - store it on the client computer - delete it from the server - secure version of POP (uses SSL/TLS)
SRTP
- provides confidentiality for actual call data
QoS
- quality of service - prioritizes some traffic over others (VoIP over file transfer) - ensures real time data is free from problems (latency and jitter)
RTP
- real time transport protocol - handles actual delivery of real time data - SIP provides session management (start, stop, end)
RSS
- really simple syndication - web feed subscription - updated articles or news are pushed to client or browser - can also be Atom format - Atom and RSS use XML format for each doc by feed - feed can be vulnerable to XML injection attack (attacker can show malicious link or interact with file system)
S/MIME
- secure / multipurpose internet mail extensions - encrypts each outgoing message and attachment - to use S/MIME, user is issued a certificate - only recipient with certificate can read them (private/public key)
SFTP
- secure FTP - uses SSH to create secure link between server and client - FTP commands and data sent over secure link - no risk of eavesdropping or MITM
SSL
- secure socket layer - developed by Netscape - addresses lack of security in HTTP
SIP
- session initiation protocol - most widely used session control protocol - SIP endpoints are end user devices, IP-enabled handsets, or web conference apps - each device, meeting, or telephony user is assigned unique SIP address (SIP uniform resource indicator, URI) ex. sip: [email protected]
SMTP
- simple mail transfer protocol - used to send email - uses domain name of email address to find IP address of recipient - SMTP server for domain registered in DNS using MX record - SMTP is not secure
mailbox protocol
- stores mail for user - and allows them to download mail to client computer - or manage it on server
TLS
- transport layer security - developed from SSL - often called SSL/TLS - HTTP using SSL/TLS is HTTPS (HTTP secure) - can secure other protocols and VPN - to use TLS, server is assigned digital certificate from CA - certificate proves identity of server and validates server's key pair (private/public key) - server uses key pair and TLS to create encrypted session with client
VoIP and VTC
- voice over IP - video teleconferencing - transfer real time data - must create point-to-point link between hosts - on different networks