Brainscape's Knowledge GenomeTM


Top Flashcards (Certified)
All Flashcards

Security + > 3.1 > Flashcards

3.1 Flashcards

(13 cards)

Start Studying
1
Q

What is a secure protocol for Voice and Video?

A

-SRTP
–Secure Real-Time Transport Protocol / Secure RTP

-Adds security features to RTP
–Keep Conversations private

-Encryption
–Uses AES to encrypt the voice/cideo flow

-Authentication, integrity, and replay protection
–HMAC-SHA1 - Hash-based message authentication code using SHA1

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is a secure protocol for Time Synchronization?

A

-Classic NTP has no security features
–Exploited as amplifiers in DDoS attacks
–NTP has been around priop to 1985

-NTPsec
–Secure network time protocol
–Began development in June of 2015

-Cleaned up the code base

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is a secure protocol for Email?

A

-S/MIME
–Secure/Multipurpose Internet Mail Extensions
–Public key encryption and digital signing of mail content
–Requires a PKI or similar organization of keys

-Secure POP and Secure IMAP
–Use a STARTTLS extension to encrypt POP3 with SSL or use IMAP with SSL

-SSL/TLS
–If the mail is browser based, always encrypt with SSL

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is a secure protocol for Web?

A

-SSL/TLS
–Secure Socket Layer/Transport Layer Security

-HTTPS
–HTTP over TLS/HTTP over SSL/HTTP secure

-Uses public key encryption
–Private key on the server
–Symmetric session key is transferred using asymmetric encryption
–Security and speed

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is a secure protocol for IP?

A

-IPsec (Internet Protocol Security)

-Security for OSI layer 3
–Authentication and encryption for every packet

-Confidentiality and integrity/anti-replay
–Encryption and packet signing

-Very standardized
–Common to use multi-vendor implementations

-Two core IPsec Protocols
–Authentication Header (AH)
– Encapsulation Security Payload (ESP)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is a secure protocol to transfer files

A

-FTPs
–FTP over SSL (FTP-SSL)
–File Transfer Protocol Secure
–This is not SFTP

-SFTP
–SSH File Transfer Protocol
–Provides file system functionality
–Resuming interrupted transfers, directory listings, remote file removal

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is LDAP

A

-Lightweight Directory Access Protocol

-Protocol for reading and writing directories over an IP network
–An organized set of records, like a phone directory

-X.500 specification was written by the International Telecommunications Union (ITU)
–They know directories!

-DAP ran on the OSI protocol stack
–LDAP is lightweight, and uses TCP/IP

-LDAP is the protocol used to query and update an X.500 directory
–Used in Windows Active Directory, Apple OpenDirectory, OpenLDAP, etc.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What are Secure Directory services

A

-LDAP (Lightweight Directory Access Protocol

-LDAPS (LDAP Secure)
–A non-standard implementation of LDAP over SSL

-SASL (Simple Authentication and Security Layer)
–Provides authentication using many different methods, i.e., Kerberos or client certificate.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is a secure remote access method?

A

-SSH (Secure Shell)
–Port 22
–Encrypted terminal communication
–Replaces Telnet (port 23) and FTP (port 20/21)
–Provides secure terminal communication and file transfer features

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is a secure Domain Name Resolution?

A

-DNS had no security in the original design
–Relatively easy to poison a DNS

-DNSSEC
—Domain Name System Security Extensions

-Validate DNS responses
–origin authentication
–Data integrity

-Public key cryptography
–DNS records are signed with a trusted third party
–Signed DNS records are published in DNS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is a secure way to access Routing and Switching?

A

-SSH - Secure Shell
–Encrypted terminal communication

-SNMPv3 - Simple Network Management Protocol version 3
–Confidentiality - Encrypted data
–Integrity - No Tampering of daa
–Authentication - Verifies the source

-HTTPS
–Browser-based management
–Encrypted communication

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is a secure method for Network Address Allocation

A

-Securing DHCP
–DHCP does not include any built-in security
–There is no “secure version of the DHCP protocol

-Rogue DHCP servers
–In AD, DHCP servers must be authorized
–Some switches can be configured with “trusted” interfaces
–DHCP distribution is only allowed from trusted interfaces
–Cisco calls this DHCP Snooping

-DHCP client DoS - Starvation attack
–Use spoofed MAC addresses to exhaust the DHCPP pool

-Switches can be configured to limit the number of MAC addresses per interface
–Disable an interface when multiple MAC addresses are seen

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What is LDAP

A

-Lightweight Directory Access Protocol

-Protocol for reading and writing directories over an IP network
–An organized set of records, like a phone directory

-X.500 specification was written by the International Telecommunications Union (ITU)
–They know directories!

-DAP ran on the OSI protocol stack
–LDAP is lightweight, and uses TCP/IP

-LDAP is the protocol used to query and update an X.500 directory
–Used in Windows Active Directory, Apple OpenDirectory, OpenLDAP, etc.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

Security + (19 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions