Study sets, textbooks, questions
Upgrade to remove ads
Chapter 3: Understanding Basic Network Security
Get Quizlet's official Security+ - 1 term, 1 practice question, 1 full practice test
Terms in this set (64)
Networking protocols provide the rules needed for computers to communicate with each other on a network. TCP/IP (Transmission Control Protocol) is a full suite of protocols used on the internet and many internal networks.
Transmissions Control Protocol (TCP)
Connections oriented traffic (Guaranteed delivery). _____ uses a three way handshake. To start a _____ session, the client sends SYN (synchronized) packet. The server respons with a SYN/ACK packet, and the client completes the third part of the handshake with an ACK packet. connection is then extablished. - Basic Connectivity Protocol
User Datagram Protocol (UDP)
provides connectionless sessions (without handshake). ICMP or Internet control message protocol traffic and audio and viedo streaming use this. All TCP/IP traffic is either connection oriented TCP traffic or connectionless UDP. - Basic Connectivity Protocol
internet Protocol (IP)
The ____ identifies host in a TCP/IP network and delivers traffic from one host to another using IP addresses. IPv4 uses 32 bit addresses represented in dotted decimal format, such as 192.168.1.100. IPv6 uses 128 bit addresses using hexadeciaml code.- Basic Connectivity Protocol
Address Resoultion Protocol (ARP)
resolves IP addresses to Media Access Control (MAC) addresses. TCP/IP uses the IP address to get a packet to a destination network, but once it arrives on the destination network, it uses the MAC address to get it to the correct host. - Basic Connectivity Protocol
Internet control message protocol (ICMP)
is used for testing basic connectivity and inclues tools such as ping, pathping, and tracert. Ping can check for basic connectivity between two systems. - Basic Connectivity Protocol
Any traffic sent accross the wire in clear text is subject to sniffing attacks with a protocol analyzer. One way to protect against this vulnerability is to encrypt the data. Examples include: SSH, FTPS, SFTP, SCP, IPsec, SSL, and TLS.
Secure Shell (SSH)
can be used to encrypt a wide variety of traffic, such as telnet, secure copy (SCP) and secure file transfer protocol (SFTP). when traffic is encypted with SSH, it uses port 22. -Encryption Protocol
Secure copy protocol (SCP)
is based on SSH. Users can use ________ to copy encypted files over a network. _________ uses port 22. -Encryption Protocol
secure sockets layer (SSL)
The __________ protocol secures HTTP traffic as HTTPS. SSL can also encrypt other types of traffic such as LDAP. SSL uses port 443 when encrypting HTTP, and port 636 when encrypting LDAP/SSL (LDAPS). -Encryption Protocol
Transport layer security (TLS)
protocol is the designated replacement for SSL. At this point you can use _______ instead of SSL in just about any application. For example, ______ can encrypt HTTP traffic as HTTPS (on port 443), and LDAP traffic as LDAPS on port 636. -Encryption Protocol
Internet protocol security (IPsec)
is used to encrypt IP traffic. Native IPv6 but can work with IPv4. IPsec includes ESP and AH, and can encrypt IP packet payloads. IPsec works in both tunnel and transport modes. -Encryption Protocol
Different _________ ___________ are used on the internet and within an intranet. A common one used is HTTP to access web pages on the internet.
Hypertext Transfer Protocol (HTTP)
is used for web traffic on the internet and in intranets. HTML is common language used to display web pages. USES port 80 - Application protocol
Hypertext Transfer Protocol Secure (HTTPS)
secures web traffic by transmitting it in an encrypted format. Encrypted using SSL or TLS and it uses port 443. -Application protocol
File transfer protocol (FTP)
uploads and downloads files to and from and FTP server. Transmits data in clear text making it easy to attack. Uses port 20 and 21-Application protocol
Secure File Transfer Protocol (SFTP)
is a secure implementation of FTP. Is an extension of secure shell (SSH) and uses port 22. -Application protocol
File Transfer Protocol Secure (FTPS)
is an extension of FTP and ueses SSL or TLS to ecrypt FTP traffic. Uses Ports 989 and 990. -Application protocol
Trvial file transfer protocol (TFTP)
uses UDP and is used to transfer smaller amounts of data, such as when communicating with network devices. Port 69 -Application protocol
used to connect to remote systems or netwok devices over a network (Such as a router). Port 23 or 22. You can encrypt _________ traffic with SSH, and it uses port 22 when encrypted with SSH. -Application protocol
Simple network management protocol (SNMP)
is sued to monitor and manage network devices such as router or switches. Port 161. _________ Agents report information via notification known as _________ traps. -Application protocol
Domain Name system (DNS)
is a service that resolves host names to IP addresses on the internet and internal networks. Port 53 -Application protocol
Network Basic Input/output system is a name resolution service for NetBIOS system names on an internal network. Ports 137-139 -Application protocol
Lightweight Directory Access Protocol (LDAP)
is the language used to comunicate with directories such as microsoft's Active Directory. -Application protocol
Authentication protocol used in windows domain and some UNIX environments. Ports 88 -Application protocol
Microsoft SQL Server
Is a server application that host database accessible from web servers and a wide array of applications. Port 1433 -Application protocol
SMTP, PoP3, IMAP4
Simple mail transport protocol (SMTP)
transfer e-mail between clients and _______ servers, and between _______ servers. Uses Port 25.
Post office protocol v3 (PoP3)
transfers e-mails from servers down to clients. Pop3 uses port 110.
internet message access protocol 4 (IMAP4)
is used to store email on an email server. IMAP4 allows a user to organize and manage email in folders on the server port 143 -email protocol
Remote Access Protocols
PPP, IPsec, PPTP, L2TP, RADIUS, TACACS/XTACACS
Point to point protocol (PPP)
is used to create dial-up connections between dial up client and a remote access server, or between a dial up client and an ISP. - remote protocol
IPsec Remote Access
IPsec can be used as a remote access tunneling protocol to encrypt traffic going over the internet.Uses port 500 for IPsec VPN connections. - remote protocol
Point to point tunneling protocol (PPTP)
Point to point tunneling protocol is a tunneling protocol used with VPNs that has some known vulnerabilities. PPTP uses TCP port 1723- remote protocol
Layer 2 tunneling protocol (L2TP)
combines the stregnth of layers 2 forwarding - remote protocol
Remote authentication dial in user service central authentication to remote access clients. Each remote access server can foward authentication request to the cental radius server. - remote protocol
Terminal Access Controller Access Control System (TACACS)
is an older network authentication protocols. - remote protocol
Terminal Access Controller Access Control System + (TACACS+)
is used as an alternative over RADIUS. it uses multiple challenge responses for authentication, authorization, and audit. Usea TCP port 49 - remote protocol
Uses 32 bit IP addresses expressed in dotted decimal format. For example, 192.168.1.5 is four decimals seperated by periods or dots.
uses 128 bit IP addresses expressed in hexadecimal format. For example, FE80:0000:0000:0000:20D4:3FF7:003F:DE62 includes eight groups of four hexadeicmal characters.
Divides a single range of IP addresses into several small ranges of IP address.
Logical numbers used by TCP/IP to identify what service or application should handle data received by a system.
SSH(Secure shell), SFTP(secure File transfer protocol) (with SSH), and SCP(Secure copy protocol) all use port ____
Port 20 and 21
FTP (file transfer protocol)
Simple network management protocol (SNMP)
HTTP (Hypertext transfer protocol)
Hypertext transfer protocol (HTTPS)
NetBIOS (Network Basic Input/output system)`
SMTP (Simple mail transport protocol)
Remote Desktop Services
systems for open ports and attempts to discover what services and protocols are running.
are used for network connectivity and map MAC addresses to ports.
protects against switching loop problems, such as when a user connects two switch ports together with a cable. STP and RSTP are commonly enabled on switches to protect against switching loops.
limits access to switch ports. It includes limiting the number of MAC addresses per port and disabling unused ports. You can also manually map each port to a specific MAC address or group of addresses.
Virtual local area network (VLANS)
can logically separate computers or logically group computers regardless of their physical location.
helps protect a single system from intrusions.
Filters traffic between networks and can filter both incoming and outgoing traffic. In other works, a __________ can ensure only specific types of traffic are allowed into your network. Most ___________ use an implicit deny strategy where all traffic not explicitly allowed is blocked. This can be implemented with a deny all, or deny any any rule at the end of the ACL.
controls traffic going in and out of a network.
A ________________ controls traffic between networks using rules within an ACL. The ACL can block traffic based on ports, IP addresses, subnets, and some protocols.
performs content filtering (including filtering for malicious attachments, malicious code, blocked URLs, and more).
can optimize and distribute data loads across multiple computers.
provides a layer of protection for servers that are accessible from the Internet.
Network Access Translation (NAT)
translates public IP addresses to private IP addresses, private back to public, and hides IP addresses on the internal network from users on the Internet.
forwards requests for services from a client. It can filter requests based on URLs, cache content, and record user's Internet activity.
Sets found in the same folder
Chapter 4: Securing Your Network
Chapter 6: Understanding Malware and Social Engine…
Chapter 7: Identifying Advanced Attacks
Chapter 8: Managing Risk
Sets with similar terms
Ch 3 Objectives: Understanding Basic Network Secur…
Module #14 Wireless Fundamentals
Other sets by this creator
Chapter 11: Exploring Operational Security
Chapter 10: Understanding Cryptography
Chapter 9: Preparing for Business Continuity
Other Quizlet sets
life cycle quiz
Chem 1 Chapter 1
A deleted file in the Recycle Bin is named RIYH6VR.doc . This tells us:
In addition to the CompTIA Network+ Certification, which certification is also offered by CompTIA?
What can you create with a text editor that contains a group of PowerShell commands and are an effective replacement for batch files?
RouterA has a static routing table and is not configured with a default routs. What happens when RouterA receives a packet that does not match any routes?