Sec+
__________ a user's identity before resetting a user's password
"Verify" a user's identity before resetting a user's password
Protocol and Ports: FTP data port, FTP control port, SSH, SCP, SFTP
- FTP data: TCP port 20; FTP control: TCP port 21; SSH: TCP 22; SCP: TCP 22; SFTP: TCP 22
Protocol and Ports: HTTPS, SMTP SSL/TLS, IPSec, LDAP SSL, LDAP/TLS
- HTTPS: TCP 443; SMTP SSL/TLS: TCP 465; IPSec: UDP 500; LDAP SSL: TCP 636; LDAP/TLS: TCP 636
Protocol and Ports: IMAP SSL/TLS, POP SSL/TLS, L2TP, PPTP, RDP, Microsoft SQL Server
- IMAP SSL/TLS: TCP 993; POP SSL/TLS: TCP 995; L2TP: UDP 1701; PPTP: TCP 1723; RDP: TCP/UDP 3389; Microsoft SQL Server: TCP 1433
Protocol and Ports: NetBIOS (TCP rarely used), NetBIOS, NetBIOS, IMAP4, LDAP
- NetBIOS (TCP rarely used): TCP/UDP 137; NetBIOS: UDP 138; NetBIOS: TCP 139; IMAP4: TCP 143; LDAP: TCP 389
Protocol and Ports: TFTP, HTTP, Kerberos, POP3, SNMP, SNMP Trap
- TFTP: UDP 69; HTTP: TCP 80; Kerberos: UDP 88; POP3: TCP 110; SNMP: UDP 161; SNMP Trap: UDP 162
Protocol and Ports: Telnet, SMTP, TACACS+, DNS name queries, DNS zone transfers
- Telnet: TCP port 23; SMTP: TCP 25; TACACS+: TCP 49; DNS name queries: UDP 53; DNS zone transfers: TCP 53
POP3 receives email on port...
110
NetBIOS is used on internal networks and uses ports ___________
137-139
IMAP4 uses port
143
Microsoft SQL Server uses port _______
1433
RDP is used to connect to remote systems and uses port
3389
Kerberos uses UDP port ________
88
DNS zones include records such as ___ records for IPv4 addresses and _______ records for IPv6 addresses
A, AAAA
A buffer zone between the internet and an internal network. It provides a layer of protection for the internal network
A DMZ
An _______ server provides port-based authentication, ensuring that only authorized clients can connect to a network. It prevents rogue devices from connecting
An 802.1x server
Password policies should apply to...
Any entity including user accounts and any accounts used by service and applications.
Most internet-based DNS servers run _____ software on Unix or Linux servers, and it's common to configure DNS servers to only use secure zone transfers
BIND
Two protocols that use PPP
CHAP and PAP
TACACS+
Cisco alternative to RADIUS
Confidentiality
Ensures data is viewable by authorized users
_______ supports uploading and downloading of large files to and from an FTP server. It uses TCP ports _____ and _____
FTP; 20 and 21
T/F : Security keys remain available if an account is deleted
False
RAID-1, RAID-5, & RAID-6
Fault-tolerant disks provide for availability
Elements of a password policy
History, Max Pass age, Min Pass length, Pass complexity, Min Pass age
IPSec creates secure tunnels for _______
IPSec creates secure tunnels for VPNs
IPsec is built in to IPv___ and can encrypt any type of IPv___ traffic
IPv6
Account disablement policy
Identifies what to do with accounts for employees who leave permanently or are on leave. Most policies require disabling accounts as soon as possible for ex-employees. If an account is disabled, its data and security keys are still available.
Proxy cards can _________ and _________ users when combined with a PIN.
Identify and authenticate
______ translates public IP addresses to private IP addresses and private IP addresses back to public
NAT
Uses a single public IP address
PAT
ARP
Resolves MAC address to IPv4 addresses
NDP
Resolves MAC address to IPv6 addresses
Used to manage and monitor network devices; it uses UDP ports 161 and 162
SNMP
SFTP uses ______ to encrypt FTP traffic and transmits it using port ______
SSH; port 22
FTPS uses _____ to encrypt FTP traffic
SSL
____ and ____ protect against switch loop problems
STP and RSTP
SMTP sends email on port...
TCP port 25
DNS uses ______ port _____ for zone transfers
TCP port 53
Security controls' three classifications
Technical, Management, and Operational
A legacy protocol administrators have used to connect to remote systems. It uses port _____ and sends data in cleartext. SSH is more secure than this.
Telnet
T/F : In the event of a fire, door access systems should allow personnel to exit the building without any form of authentication
True
Single-factor authentication
Two or more methods in the same factor of authentication (i.e. a PIN and a password)
DNS uses ______ port _____ for client queries
UDP port 53
TFTP uses ______ port _____
UDP port 69
A _____ can logically group several different computers together, or logically separate computers, without regard to their physical location
VLAN
_____ ___________ firewalls provide strong protection for web servers and protect against several types of attacks with a focus on _____ ___________ attacks such as cross-site scripting attacks
Web application firewalls
DAC
A DAC model specifies that every object has an owner, and the owner has full, explicit control of the object. Microsoft NTFS uses the DAC model.
Kerberos
a network authentication protocol within a Microsoft Windows Active Directory domain that uses a database of objects such as Active Directory and a KDC to issue timestamped tickets that expire after a certain time period
An example of something you know (the weakest factor)
a password or PIN
A Matrix
a planning document that matches the roles with the required privileges
An example of something you have
a smartcard
Least privilege
a technical control that specifies that individuals or processes are granted only those rights and permissions needed to perform their assigned tasks or functions
Cable Locks
an effective threat deterrent for small equipment such as laptops and some workstations. They can also prevent loss due to theft of small equipment
Detective Controls and list examples
Attempt to detect when vulnerabilities have been exploited. Examples: log monitoring, trend analysis, security audits, and CCTV systems
PAP
authentication that uses a password or a PIN. It sends the information across a network in cleartext, making it susceptible to sniffing attacks.
Rule-BAC
Based on a set of approved instructions, such as an access control list. Some Rule-BAC systems use rules that trigger in response to an event, such as modifying ACLs after detecting an attack or granting additional permissions to a user in certain situations.
An example of something you are (the strongest method of authentication)
biometrics - fingerprints, retina scans, palm scanners
Layered Security or Defense in Depth
combines multiple layers of security such as a firewall, an IDS, content filtering, and antivirus software
account disablement policy
disable accounts when users leave the organization
SSL and TLS encrypt traffic with the use of ___________ and can encrypt other types of traffic such as SMTP and LDAP
encrypt traffic with the use of "certificates"
Technical Controls examples
encryption, antivirus software, IDSs, Firewalls, & PRINCIPLE of Least privilege. Includes motion detectors and fire suppression systems
SSH
encrypts and uses port 22. Can also encrypt FTP (as SFTP), is used with SCP to copy encrypted files over a network, and can encrypt TCP Wrappers.
Availability
ensures systems are up and operational
MD5, HMAC, and SHA-1 are all...
hashing algorithms
Change Management
help to prevent outages from configuration changes
Steganography
hides data such as hiding text files in an image file
Group Policy
implemented on a domain controller (DC) and is used to create password policies, lock down the GUI, configure host-based firewalls, and much more.
Routers and Firewalls use implicit ______ as the last rule in the access control list
implicit deny
Diameter
improvement over RADIUS that supports additional capabilities, including securing transmissions with EAP
Safety
includes adding fencing, lighting, and door access systems. May include fail opens.
Hardening a system
increases a system's basic configuration to prevent incidents.
Digital Signatures verify the ________ of emails and files and require certificates to provide ________ & _______
integrity; authentication and non-repudiation
SAML
is an XML-based standard used to exchange authentication and authorization information between different parties. SAML provides SSO for web-based applications.
CHAP
more secure than PAP because passwords are not sent over the network in cleartext.
Identification
occurs when a user claims an identity such as a username or email address
Authentication
occurs when the user proves the claimed identity and the credentials are verified
TOTP creates a ______ time use password that expires ___________
one-time use password that expires after 30 seconds
HOTP creates a ______ time use password that ________ expires
one-time use password that never expires
HOTP and TOTP are...
open source standards used to create one-time use passwords
Preventive Controls
prevent security incidents
Time-of-day restrictions
prevent users from logging on during restricted times and prevent logged-on users from accessing resources during certain times
Locking cabinets
provide an added physical security measure. They prevent unauthorized access to equipment mounted in server bays
RADIUS
provides centralized authentication
Video surveillance
provides reliable proof of a person's location and activity. It can ID who enters and exits secure areas and can record theft of assets.
Group-based privileges
reduce the admin workload of access management. Admins put user accounts into groups and assign privileges to the groups. Users get the group privileges.
A password history of 24 does what
remembers the past 24 passwords
Cipher Locks
require users to enter a code to gain access (picture door codes in school house). They do not identify users.
SSO
requires users to use and remember only one set of credentials for authentication. The user's credentials are used throughout an entire session. SSO can provide for central authentication against a federated database for different operating systems.
_________ __________ are an effective deterrent to prevent tailgating and can check individuals' ID against a preapproved access list
security guards
access points to data centers and server rooms should be limited to ___________ entrance(s) and exit(s) whenever possible
single
LDAP
specifies formats and methods to query directories. Secure LDAP encrypts transmissions with SSL or TLS and is based on X.500 specification.
______ allows you to divide a classful network into two or more smaller networks.
subnetting
MAC
the MAC model uses sensitivity labels for users and data. It is commonly used when access needs to be RESTRICTED based on a NEED TO KNOW. Sensitivity labels often reflect classification levels of data and clearances granted to individuals.
Risk
the likelihood that a threat will exploit a vulnerability.
Dual-factor authentication
two different factors such as a USB Token and a PIN
Role-Based Access Control (Role-BAC)
uses roles based on jobs and functions.
Multifactor authentication
uses two or more factors
Integrity
verifies data has not been modified