Study sets, textbooks, questions
Upgrade to remove ads
Block IV-Understanding Basic Network Protocols and Security
Get Quizlet's official A+ Core 2 - 1 term, 1 practice question, 1 full practice test
Terms in this set (73)
What transport layer protocol provides connection-oriented traffic using a three-way handshake?
What transport layer protocol provides connectionless sessions without a three-way handshake?
What protocol identifies host in a network and delivers traffic from one host to another using IP addresses?
Internet Protocol (IP)
What protocol resolves IP addresses to MAC address once a packet reaches the destination subnet?
Address Resolution Protocol (ARP)
What type of attack uses ARP packets to give clients false hardware address updates and can be used to direct or interrupt network traffic?
What protocol is used for testing basic connectivity and includes such tools as ping, pathping, and tracert?
Internet Control Message Protocol (ICMP)
What is a common denial-of-service attack that sends multiple packets but never completes the third part of the handshake?
SYN Flood Attack
What can detect SYN flood attacks and take steps to close open sessions?
What protocol is commonly blocked at firewalls and routers to prevent DoS attackes?
What protocol encrypts a wide variety of traffic and uses port 22?
Secure Shell (SSH)
What protocol secures HTTP traffic as HTTPS?
Secure Sockets Layer (SSL)
What protocol is designated as the replacement for SSL on port 443 and can also encrypt LDAPS traffic on port 636?
Transport Layer Security (TLS)
What protocol is used for web traffic on the Internet and intranet?
Hypertext Transfer Protocol (HTTP)
What protocol secures web traffic on the Internet and intranet?
HTTP Secure (HTTPS)
What protocol uploads and downloads files to and from a server and uses TCP on port 21?
File Transfer Protocol (FTP)
What protocol securely uploads and downloads files to and from a server and uses TCP on port 22?
Secure FTP (SFTP)
What protocol is an extension of TFP and uses SSL or TLS to encrypt FTP traffic?
FTP Secure (FTPS)
What protocol uses UDP and is used to transfer small amounts of data on port 69?
Trivial File Transfer Protocol (TFTP)
What protocol is used to encrypt IP traffic?
Internet Protocol security (IPsec)
What protocol uses port 23 and is often used to connect to network devices to make changes?
What protocol uses port 161 to monitor and manage network devices such as routers and switches?
Simple Network Management Protocol (SNMP)
What is a service that resolves host names to IP addresses on the Internet and internal networks?
Domain Name System (DNS)
What provides name resolution service for internal networks using ports 137-139?
Network Basic Input/output System (NetBIOS)
What protocol on port 389 is the language used to communicate with directories such as Microsoft's Active Directory or Novell's Netware Directory (NDS)?
Lightweight Directory Access Protocol (LDAP)
What protocol uses port 88 and is the authentication protocol used in Windows domains and some UNIX environments?
What uses port 1433 and is a server application that hosts databases accessible from web servers and a wide array of applications?
Microsoft's SQL Server
What protocols use port 3389 to allow clients remote access to systems?
Remote Administration, Terminal Services or Remote Desktop Services
What protocol uses port 25 to transfer e-mail between clients?
Simple Mail Transport Protocol (SMTP)
What protocol uses port 110 to transfer e-mail from servers down to clients?
Post Office Protocol v3 (POP3)
What protocol uses port 143 to store and organize e-mail on an e-mail server?
Internet Message Access Protocol (IMAP4)
What protocol is used to create dial-up connections between client and a remote access server or Internet Service Provider (ISP)?
Point-to-Point Protocol (PPP)
What protocol uses the internet key exchange (IKE) over port 500 to create a security association for VPN?
What is a tunneling protocol used with VPNs over port 1723 creates a secure channel with encryption, but has know vulnerabilities?
Point-to-Point Tunneling Protocol (PPTP)
What protocol uses UDP over port 1701 to combine the strengths of Layer 2 Forwarding (L2F) and PPTP for VPN?
Layer 2 Tunneling Protocol (L2TP)
What RAS authentication protocol provides central authentication to remote access clients and only encrypts passwords?
Remote Authentication Dial-In User Service (RADIUS)
What RAS authentication protocol uses TCP over port 49 and is an alternative to RADIUS as it encrypts the entire authentication process?
Terminal Access Controller Access-Control System+ (TACACS+)
What older authentication protocol uses UDP over port 49?
Terminal Access Controller Access-Control System (TACACS)
How many bits is IPv6 and how are addresses expressed?
128 bits and eight groups of four hexadecimal characters
What tool can help determine what services and protocols are running on a remote system by identifying open ports?
How can you protect switches with port security?
limiting the number of MAC addresses per port and disabling unused ports
What protocol provides loop protection on switches?
Spanning Tree Protocol (STP)
What uses a switch to group several different computers logically into a virtual network?
virtual LAN (VLAN)
What performs filtering with an ACL?
Routers and Firewalls
________ provide protection for individual hosts such as servers or workstations.
________ are often dedicated servers or appliances and provide protection for the network.
Firewalls uses a deny any any, deny any, or a drop all statement at the end of an ACL to enforce an ______ strategy.
What appliances can monitor most data steams in search of malicious code and filter content?
Web security gateways or all-in-one security
What serves as a buffer zone between a private network and the internet?
demilitarized zone (DMZ)
What translates public IP addresses to private IP addresses, and private IP addresses back to public?
Network Address Translation (NAT)
What improves performance, reduces Internet bandwidth usage, filters content based on URLs and can log sites visited by any user?
What wireless security protocol used a shared key for encryption and decryption and is now considered weak and should not be used?
Wired Equivalent Protocol (WEP)
What wireless security protocol provided an immediate replacement for WEP and didn't require the replacement of hardware?
Wi-Fi Protected Access (WPA)
What wireless protocol is a permanent replacement of WEP and is recommended for used instead of WEP or WPA?
Wi-Fi Protected Access 2 (WPA2)
What wireless protocol uses Cipher Block Message Authentication Code Protocol (CCMP), which is much stronger than the older Temporary Key Integrity Protocol (TKIP)?
Wi-Fi Protected Access 2 (WPA2)
What wireless mode used a pre-shared key and does not provide individual authentication?
What wireless mode is more secure and provides strong authentication using an 802.1x server (implemented as a Radius server) to add authentication?
What provides standards for authentication in both wireless networks and remote access solutions?
Extensible Authentication Protocol (EAP)
What provides an extra layer of protection for EAP by encapsulating and encrypting the EAP conversation in a tunnel and requires a certificate authority to issue a certificate?
Protected Extensible Authentication Protocol/Transport Security Layer (PEAP/TLS)
What protocol modified a version of the Challenge Handshake Authentication Protocol (CHAP) to better secure EAP, but is no longer considered secure?
Lightweight Extensible Authentication Protocol (LEAP)
What two protocols are used for smaller wireless devices?
Wireless Transport Layer Security (WTLS) and elliptic curve cryptography (ECC)
What tunneling protocol has compatibility issues with network address translation (NAT)?
What tunneling protocol does not encrypt the tunnel itself, but often uses IPsec for encryption with UDP on port 1701?
What tunneling protocol encrypts VPN traffic using SSL over port 443 and is a useful alternative when the VPN tunnel must go through a device using NAT?
Secure Socket Tunneling Protocol (SSTP)
If using IPsec for tunneling, what is to through NAT?
NAT traversal (NAT-T) or use another tunneling protocol such as SSTP
IPsec includes _____ to provide confidentiality, integrity and authentication for VPN traffic?
Encapsulating Security Payload (ESP)
______ can be used to create a site-to-site tunnel between two physical locations of business, such as the main office, and a remote office.
What allows a connection to a private network over a public network?
virtual private network (VPN)
What is a group of technologies that allow users an internal network from remote locations?
Remote Access Service (RAS)
What is the primary protocol used for dial-up access and must often be combined with other protocols to enhance its security?
Point-to-Point Protocol (PPP)
_____ provides better security and lower cost that dial-up solutions.
Virtual Private Network (VPN)
The single improvement MS-CHAPv2 provided over Challenge Handshake Authentication Protocol (CHAP) was ________, requiring both the client and the server to authenticate to each other before sharing data.
What includes methods (such as health agents) to inspect clients and restrict them to a remediation network until antivirus software, operating systems, and firewalls are up to date?
Network access control (NAC)
MAC filtering is more effective in ____________ networks since it is more difficult for an attacker to discover authorized MACs.
Sets with similar terms
Chapter 3: Understanding Basic Network Security
Network+ chapter 11
SY0-501 Chapter 4: Securing Your Network
Other sets by this creator
CASP, Chap 9, Enterprise Security Integration
CASP, Chap 8, Searching Research
CASP, Chap 10.3, Smartphone Best Pratices
CASP, Chap 10, Security Controls for Communication…