Flashcards in Chapter 11: Securing TCP/IP Deck (63):
Data that is in an easily read or viewed format
Any encryption method that uses the same key for both encryption and decryption.
Any encryption method that uses different keys for encryption and decryption.
-An encryption algorithm in which data is encrypted in "chunks" of a certain length at a time.
-Popular in wired networks
An encryption method that encrypts a single bit at a time.
Rivest Cipher 4 (RC4)
Was the dominant stream cipher for a time, but now is not.
Advanced Encryption Standard (AES)
A block cipher that uses a 128-bit block size and 128, 192, or 256 bit key size.
What is the most popular form of email encryption?
Rivest Shamir Adleman (RSA)
An improved asymmetric cryptography algorithm that enables secure digital signatures.
The Network layer encryption protocol.
The process that guarantees that the data received is the same as originally sent.
Secure Hash Algorithm (SHA)
The primary family of cryptographic hash functions.
Two unsafe algorithms
SHA-1 and Message-Digest Algorithm version 5 (MD5)
The receiver of info has a very high confidence that the sender of a piece of info truly is who the receiver thinks.
An encrypted hash of a private encryption key that verifies a sender's identity to those who receive encrypted data or messages.
A standardized type of digital signature that includes the digital signature of a third party (like GoDaddy) that guarantees that who is passing out this certificate truly is who they say they are.
Public-Key Infrastructure (PKI)
The system for creating and distributing digital certificates using sites like GoDaddy, VeriSign, etc.
The process of positively identifying users trying to access data.
Defines what an authenticated user can do with data.
Network Access Control (NAC)
Control over information, people, access, machines, and everything in between
Access Control List (ACL)
A clearly defined list of permissions that specifies what an authenticated user may perform on a shared resource
Mandatory Access Control (MAC)
Authorization method in which every resource is assigned a label that defines its security level.
Discretionary Access Control (DAC)
Authorization method based on the idea that there is an owner of a resource who may at his or her discretion assign access to that resource.
Role-Based Access Control (RBAC)
Authorization method that defines a user's access to a resource based on the roles the user plays in the network environment.
Point-to-Point Protocol (PPP)
Enables two point-to-point devices to connect, authenticate, and negotiate the network protocol the two devices will use.
The 5 Distinct Phases to a PPP Connection
1) Link Dead: No link yet.
2) Link Establishment: Link Control Protocol (LCP) communicates with the LCP on the other side of the PPP link.
3) Authentication: Username/Password
4) Network layer protocol: LCP uses a protocol called Network Control Protocol (NCP) to make proper connections
In a point-to-point connection, the side asking for the connection is the _______ and the other side is the ________.
Password Authentication Protocol (PAP)
The oldest and most basic form of authentication.
Sends the passwords in cleartext!!
Challenge Handshake Authentication Protocol (CHAP)
A remote access authentication protocol that has the serving system challenge the remote client, which must provide an encrypted password.
The most common authentication method for dial up.
Authentication, Authorization, and Accounting (AAA)
A security philosophy based upon the three words it is named with, ya know?
Remote Authentication Dial-In User Service (RADIUS)
-An AAA standard created to support ISP's with hundreds or thousands of modems in hundreds of computers to connect to a single central database.
-Either UDP 1812/1813 or UDP 1645/1646
3 Devices of RADIUS
1) Radius Server that has access to usernames/passwords
2) Network Access Servers (NAS) that control the modems
3) A group of systems that dial into the network.
What is the Microsoft RADIUS server?
Internet Authentication Service (IAS)
What is the Linux RADIUS server?
Terminal Access Controller Access Control System Plus (TACACS+)
-A protocol developed by Cisco to support AAA in a network with many routers and switches.
-TCP port 49
-Similar to RADIUS, but separates authorization, authentication and accounting.
An authentication standard designed to allow different operating systems and applications to authenticate each other.
Key Distribution Center (KDC)
System for granting authentication in Kerberos.
Two processes of KDC
1) Authentication Server (AS)
2) Ticket Granting Service (TGS)
In Windows, the security token is called a __________.
Security Identifier (SID)
-Most popular form of authentication in wireless networks.
-Uses a shared secret code (password or whatever) stored on the WAP and the clients
-A protocol that defines the use of a RADIUS server as well as mutual authentication, requiring certificates on both the server and every client.
-Only used on wireless networks
A protocol similar to EAP-TTLS, but only uses a single server-side certificate.
Proprietary EAP used almost exclusively by Cisco wireless products.
-A port-authentication network access control mechanism for networks.
-An encrypted link between two programs on two separate computers
-SSH creates encrypted tunnels
SSL vs. TLS
SSL is limited to a few applications, whereas TLS is not limited (for the most part)
An authentication and encryption protocol suite that works at the Internet/Network layer
Transport Mode of IPsec
Only the actual payload of the IP packet is encrypted, and the IP header info is readable.
The primary data that is sent from a source network device to a destination network device.
Tunnel Mode of IPsec
Entire IP packet is encrypted and encapsulated into another packet.
Authentication Header (AH)
IPsec protocol for authentication
Encapsulating Security Payload (ESP)
IPsec protocol involved in authentication and encryption
Internet Security Association and Key Management Protocol (ISAKMP)
IPsec protocol used for establishing security associations that define things like the protocol used for exchanging keys.
Two widely used key exchanging protocols
Internet Key Exchange (IKE) and Kerberized Internet Negotiation of Keys (KINK)
Secure Copy Protocol (SCP)
One of the first protocols used to transfer data securely between two hosts.
Secure FTP (SFTP)
Designed as a replacement for FTP after SCP was discovered to suck.
A series of secure programs developed to fix SSH's limitation of only being able to handle one session per tunnel.
Simple Network Management Protocol (SNMP)
-A set of standards for communication with network devices in order to manage them.
-UDP port 161
Management Information Base (MIB)
SNMP's version of a server
An SNMP tool that enables you to query an SNMP-capable device for info.
Lightweight Directory Access Protocol (LDAP)
-Tool that programs use to query and change a database
-TCP port 389