Chapter 5 - Network Security Flashcards Preview

Network + > Chapter 5 - Network Security > Flashcards

Flashcards in Chapter 5 - Network Security Deck (25)
Loading flashcards...
1

another name for "key"

5-177

encryption decoder

2

2 things found in WPA but not in WEP

5-178

TKIP - scrambles key with hashing for data encryption

EAP - used with certificates for authentication

3

2 ways WPA2 improves on WPA

5-178

AES for encryption

CCMP - 802.11i, this is the encryption that replaced TKIP

4

what standard does WPA enterprise use?

5-178

IEEE 802.1X

5

6 attributes used by ACL for filtering

5-180

source and destination IP addresses
source and destination MAC addresses
protocol
port number

6

2 locations where IP filtering should be employed

5-181

router

firewall

7

tell me the ranges for port

well known?
registered?
dynamic/private?

5-181

0-1023
1024-49151
49152-65535

8

3 protocols used in VPN

5-182

SSL
L2TP
PPTP

9

3 security services of IPSec

5-183

data verification
protection from data tampering
privacy of transactions

10

what protocol provides for secure creation and management of keys?

5-184

ISAKMP

11

tell me about TLS and TLS 1.2

5-184

TLS - kills eavesdropping, tampering, message forgery

TLS 1.2 - longer key and more sophisticated algorithms than what's in TLS

12

what does RAS and RRAS both do?

what protocols do they use?

5-185

remote access connectivity to a LAN environment

PPTP, L2TP

13

main function of PPPoE?

5-186

encapsulate PPP frames inside ethernet frames

14

the 3 authentication options of PPP

5-186

PAP
CHAP
EAP

15

where does SSH operate at? (layer?)

5-187

7 and 5
application and session

16

what is PKI?

how does it work?

5-188,189

public key infrastructure

public key - identifies user, encrypts data
private key - only held by the user, stored by the OS, decrypts the data

17

what is Kerberos?

5-189

default authentication protocol for Active Directory AND for Novell NDS systems

18

TGT?
KDC?
AAA?
RADIUS?
TACACS+?

5-189,190

ticket granting ticket
key distribution center
authentication, authorization, accounting
remote authentication dial-in user service
terminal access controller access control system +

19

in 802.1x,
the client = ?
WAP = ?
________________________________________________

CHAP = ?

5-191

supplicant
authenticator
_________________________________________

challenge handshake authentication protocol

20

give an example of two factor authentication

5-192

smartcard plus PIN

21

give an example of multifactor authentication

5-193

smartcard plus PIN plus biometrics

22

how to defend against WPA cracking?

DoS?
DDoS?

5-196

use WPA2 with AES

denial of service

distributed denial of service

23

what type of attack is phishing?

how is a worm different from a virus?

5 - 198,199

social engineering

doesn't need to attach itself to an application

24

the best firewall settings use what?

5-203

implicit deny

25

what should you place in the DMZ?

5-204

your servers that are used by hosts in both the internal network and the external network