Chapter 10: Securing TCP/IP

Question 1

Define: Integrity

Answer 1

The process that guarantees that the data received is the same as originally sent.

Question 2

Define: Nonrepudiation

Answer 2

Means that a person cannot deny he or she took a specific action.

Question 3

Define: Authentication

Answer 3

Means to verify that whoever is trying to access the data is the person you want accessing that data.

Question 4

Define: Authorization

Answer 4

Defines what an authenticated person can do with the data.

Question 5

Any encryption that uses the same key for both encryption and decryption is called:

Answer 5

symmetric-key encryption

Question 6

Any encryption that uses different keys for encryption and decryption is called:

Answer 6

asymmetric-key encryption

Question 7

Symmetric-key algorithms are either ____ ciphers or ____ ciphers.

Answer 7

block
stream

Question 8

How do block ciphers encrypt data?

Answer 8

In single chunks of a certain length at a time.

Question 9

How do stream ciphers encrypt data?

Answer 9

They take a single bit at a time and encrypt on-the-fly.

Question 10

What is one serious weakness that symmetric-key encryption has?

Answer 10

Anyone who intercepts the key can encrypt or decrypt data with it.

Question 11

How does asymmetric-key encryption solve the weakness of symmetric-key encryption?

Answer 11

The public key of the receiver is used to encrypt the symmetric-key before it is sent, and the receiver uses their private key to decrypt it.

Question 12

Public-key cryptography, the primary asymmetric implementation, generates a key pair. What are these keys called?

Answer 12

private key
public key

Question 13

What are the three asymmetric algorithms used today?

Answer 13

RSA (Rivest, Shamir, Adleman)
DSA (Digital Signature Algorithm)
ECDSA (Elliptic Curve DSA)

Question 14

What is a one-way function that you run on a string of binary digits of any length that results in a value of some fixed length (often called a checksum or message digest)?

Answer 14

A cryptographic hash function

Question 15

Can you recreate the original data from its hash if you know the hashing algorithm used?

Answer 15

No, a hash is irreversible.

Question 16

How do operating systems and applications store passwords?

Answer 16

They only store the hashes of passwords and not the passwords themselves.

Question 17

What is the primary family of cryptographic functions and which two are currently recommended?

Answer 17

SHA (Secure Hash Algorithm)
SHA-2 (six variants)
SHA-3 (six variants)

Question 18

In network security, nonrepudiation is typically enabled by a combination of encryption and hashing called a:

Answer 18

digital signature

Question 19

How does a sender of a message create a digital signature?

Answer 19

The sender hashes all or part of a message and then encrypts the hash with their private key.

Question 20

The system for creating and distributing digital certificates issued by trusted third party certificate authorities (CA) such as DigiCert, GoDaddy, or Sectigo is called:

Answer 20

PKI (Public-Key Infrastructure)

Question 21

What three things are included in a PKI certificate?

Answer 21

1. Public Key
2. Info about the certificate
3. The digital signature of a trusted third party

Question 22

In a PKI encryption method, which key encrypts the data?

Answer 22

The public key

Question 23

In order to have a PKI you must have a/an ____.

Answer 23

root authority

Question 24

What two jobs does a NAC (Network Access Control) application do?

Answer 24

1. It usually prevents computers lacking anti-malware and patches from accessing the network.
2. It creates policies that define what individual systems can do on the network.

Question 25

What is an ACL (Access Control List)?

Answer 25

A list of permissions that specifies what an authenticated user may perform on a shared resource.

Question 26

Which type of access control assigns a security level label on every resource?

Answer 26

MAC (Mandatory Access Control)

Question 27

Which type of access control is based on the idea that a resource has an owner who may at their discretion assign access to that resource?

Answer 27

DAC (Discretionary Access Control)

Question 28

Which type of access control defines a user's access to a resource based on the roles the user plays in the network environment?

Answer 28

RBAC (Role-Based Access Control)

Question 29

____ enables two devices to connect, authenticate with a username and password, and negotiate the network protocol the two devices will use.

Answer 29

PPP or Point-to-Point Protocol

Question 30

Originally used by PPP for authentication, ____ transmits the username and password over the connection in plaintext to authenticate a user.

Answer 30

PAP or Password Authentication Protocol

Question 31

PPP switched from PAP to ____ for a secure authentication routine using hashes.

Answer 31

CHAP or Challenge Handshake Authentication Protocol

Question 32

Microsoft invented a more detailed and secure version of CHAP for authentication called:

Answer 32

MS-CHAPv2

Question 33

What does AAA stand for in network security?

Answer 33

Authentication Authorization Accounting

Question 34

____ servers provides AAA for remote users accessing a network using point-to-point connections.

Answer 34

RADIUS or Remote Authentication Dial-In User Service

Question 35

RADIUS consists of these three devices:

Answer 35

1. The RADIUS server 2. NASs (Network Access Servers) 3. Systems that connect to the network

Question 36

RADIUS Port #s

Answer 36

UDP port 1812 (authentication) UDP port 1645 (authentication) UDP port 1813 (accounting) UDP port 1646 (accounting)

Question 37

The ____ protocol supports AAA in a network with many routers and switches that need administration. It is similar to RADIUS in function.

Answer 37

TACACS+ or Terminal Access Controller Access Control System Plus

Question 38

TACACS+ Port #

Answer 38

TCP port 49

Question 39

The authentication protocol ____ is used for TCP/IP networks with many clients all connected to a single authenticating server. Microsoft Windows domains rely on it for authentication.

Answer 39

Kerberos

Question 40

Kerberos Port #

Answer 40

UDP or TCP port 88

Question 41

The ability to log in only one time and use the same token to access any resource you're allowed to access on an entire network is called:

Answer 41

SSO (Single Sign-On)

Question 42

What is a SSH tunnel?

Answer 42

An encrypted link between SSH processes on two separate computers.

Question 43

What does the authentication and encryption protocol suite IPsec (Internet Protocol Security) do and at what OSI layer does it work?

Answer 43

It creates secure tunnels between two computers and works at the Network layer.

Question 44

What does IPsec Transport mode do?

Answer 44

It encrypts the payload of the IP packet.

Question 45

What does IPsec Tunnel mode do?

Answer 45

It encrypts the entire IP packet and encapsulates it inside another IP packet at an endpoint.

Question 46

Who generates CRLs (Certificate Revocation Lists) that a web browser can check certificates against?

Answer 46

Root authorities

Question 47

What does SMTPS (Simple Mail Transport Protocol Secure) do?

Answer 47

It wraps SMTP communication with TLS (Transport Layer Security).

Question 48

SMTPS (SMTP TLS) Port #

Answer 48

TCP port 587

Question 49

What does the POP3S (Post Office Protocol 3 over SSL) extension do?

Answer 49

It adds a TLS (Transport Layer Security) wrap to POP3 e-mail retrieval.

Question 50

POP3S Port #

Answer 50

port 995

Question 51

What does the IMAPS (Internet Message Access Protocol over SSL) extension do?

Answer 51

It adds a TLS (Transport Layer Security) wrap for encryption.

Question 52

IMAPS Port #

Answer 52

port 993

Question 53

What protocol offers secure file transfers, resumption of interrupted file transfers, deletion of files on the server, and more?

Answer 53

SFTP or SSH File Transfer Protocol

Question 54

SFTP Port #

Answer 54

TCP port 22

Question 55

What protocol queries the state of network devices and reports whatever device-specific information the devices provide?

Answer 55

SNMP or Simple Network Management Protocol SNMPv3 is the standard version used today.

Question 56

SNMP Port #s

Answer 56

UDP ports 161 and 162

Question 57

What protocol do programs use to query and change a database used by the network (ie. Active Directory)? Domain controllers will use it automatically in the background to keep your databases in good order.

Answer 57

LDAP or Lightweight Directory Access Protocol

Question 58

LDAP Port #s

Answer 58

TCP port 389 UDP port 389