Study your flashcards anywhere!

Download the official Cram app for free >

  • Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off

How to study your flashcards.

Right/Left arrow keys: Navigate between flashcards.right arrow keyleft arrow key

Up/Down arrow keys: Flip the card between the front and back.down keyup key

H key: Show hint (3rd side).h key

A key: Read text to speech.a key


Play button


Play button




Click to flip

63 Cards in this Set

  • Front
  • Back
  • 3rd side (hint)
Ports: DNS lookup
UDP 53
Ports: DNS zone transfer
TCP 53
Ports: Bootstrap protocol server; DHCP server
UDP 67
Ports: Bootstrap protocol client; DHCP client
UDP 68
Ports: TFTP
UDP 69
Ports: HTTP
TCP 80
Ports: Kerberos
TCP 88
Ports: POPv2
TCP 109
What is hashing?
- hashing is a one-way technique that produces a unique fixed-length output string based on a variable-length input string.
- can be used to ensure data integrity and aid in authentication.
- examples: SHA, MD5.
Ports: POPv3
TCP 110
What is SHA?
- SHA stands for Secure Hash Algorithm.
- It was developed by the NIST.
- It produces a unique 160-bit message digest.
What is MD5?
- MD5 is a hashing algorithm developed by Ronald Rivest (of RSA).
- It produces a unique 128-bit message digest (aka "fingerprint").
- It is a commercial application of RFC 1321.
What is DSS?
- DSS stands for Digital Signature Standard.
- It is outlined in FIPS-186 (FIPS = Federal Information Processing Standards).
Ports: Sun RPC; NFS
TCP 111
What is a digital signature?
A digital signature is a message digest (encoded with the sender's *private* key) that is appended to the message (or sent separately). The receiver can verify the message's validity by decoding the message digest with the sender's *public* key and comparing it to the digest of the received message.

A digital signature ensures data integrity, but not confidentiality, unless the message itself is also encrypted.
What is irreversibility?
Irreversibility is the principle that describes the relationship between public and private key pairs. While mathematically related, it is considered "computationally infeasible" to derive one key from knowledge and possession of the other key, if the asymmetric cryptosystem has been securely designed and implemented.
What is authentication and non-repudiation, in the context of digital signatures?
Authentication is the verification that a message was sent from a specific party.

- With symmetric encryption, you can tell that the message sender knows the secret key.

- With assymetric encryption (with a public key and a digital signature), you know that the private key owner is the sender.

- Nonrepudation takes authentication a step further by having a third party verify the sender's identity and by preventing a sender from denying that he sent the message.

- Nonrepudiation is not possible with symmetric encryption, because the secret key is shared (and since more than party holds the key, you can't tell who sent the message).
Ports: Network Time Protocol (NTP)
What is DSA?
- DSA stands for the Digital Signature Algorithm, which is part of the Digital Signature Standard (DSS).

- It is based on the El Gamal algorithm (which is an extension of the Diffie-Hellman algorithm).
What is El Gamal?
- El Gamal is an assymetrical encryption algorithm.

- It is an extension of the Diffie-Hellman algorithm.

- The DSA is based on El Gamal.
Ports: End point mapper (epmap); NT RPC
TCP 135
What is RSA?
- RSA is an asymmetric encryption algorithm developed by Rivest, Shamir, and Adelman in 1977.

- It is similar to Diffie-Hellman, but signficantly faster, and offers digital signature authentication.

- It is generally used as a key-exchange mechanism, like Diffie-Hellman.
Ports: FTP data port
TCP 20
Ports: NetBIOS name service
Ports: FTP control port
TCP 21
Ports: NetBIOS datagram service
UDP 138
Ports: SSH
TCP 22
Ports: Telnet
TCP 23
TCP 49
Ports: SMTP
TCP 25
Ports: NetBIOS session service
TCP 139
Ports: IMAP
TCP 143
Ports: SNMP
UDP 161
Ports: SNMP Trap
UDP 162
Ports: LDAP
Ports: TLS/SSL
TCP 443
Ports: NNTP
TCP 119
Ports: Microsoft DS (NetBIOS service)
Ports: IKE; Internet Security Association and Key Management Protocol
Ports: UNIX Syslog
UDP 514
Ports: L2TP
UDP 1701
Ports: PPTP
TCP 1723
Ports: Sun NFS
TCP 2049
Ports: Microsoft Terminal Services
TCP 3389
Ports: PCAnywhere data
TCP 5631
Ports: PCAnywhere status
UDP 5632
AH and ESP Encapsulated in UDP packet
TCP/UDP 2070
Ports: IRC
Ports: Z39.50
Ports: LDAPS
LDAP protocol over TLS/SSL (was SLDAP)
Ports: Kerberos administration
What is CHAP?
1. CHAP is an encrypted remote authentication protocol.
2. It stands for Challenge Handshake Authentication Procotol.
3. Developed as an improvement over PAP, which send user/pass data in the clear.
4. CHAP uses a three-way handshake method, aka "challenge-response" method.
5. CHAP helps prevent playback attacks and session highjacking.
6. It still requires strong passwords to be effective.
What is SMBDie?
SMBDie is a proof-of-concept tool that causes DoS. It exploits a NetBIOS vulnerability to cause Windows to malfunction when sending a specially crafted SMB (Server Message Block) request.

- Close TCP ports 445 and 139;
- OS updates.
What is Netbus Pro?
Netbus Pro is a remote admin (sort of like pcAnywhere) and spy tool that can run in invisible mode.

It has keyboard monitoring, a file manager, and remote control.
What is netcat?
netcat is(/was):

- a feature-rich command-line network debugging and exploration tool.

- called the "TCP/IP Swiss Army knife" because of its versatility.

- can create almost any kind of connection.

- can be configured to run as a background process; could be configured as a Trojan and executed with the user's permissions.

- originally written by "Hobbit" for UNIX; now available at sourceforge for several OSes.
What is Nmap?
Nmap is a command-line utility for network exploration and security auditing. It has 3 main functions:

1) OS detection (uses OS fingerprinting);
2) port scanning;
3) ping scans.

- It is powerful enough to quickly scan large networks.

- Its goal is to make networks more secure.

- Is free under GNU GPL.
What is Nessus?
> is freeware tool;
> uses a list of known attack types;
> outputs a list of possibly exploitable services;
> suggests how to improve security of a host;
What is snoop?
snoop is a flexible packet sniffer for solaris.

cf. tcpdump (Linux)
What is tcpdump?
tcpdump is a packet-sniffing tool, used to gain info about traffic types, hosts, & routing.
What is Ethereal?
Ethereal is a more advanced GUI packet-sniffing tool that can reassemble TCP streams and sessions. It is the predecesor to Wireshark.
What is Wireshark?
Wireshark is a GUI packet sniffer, the descendant of Ethereal.
What is Snort?
- is a free software network intrusion detection and prevention system capable of performing packet logging & real-time traffic analysis, on IP networks;

- can dump entire ISO layer;

- can generate traffic-based alerts.
What are the layers of the OSI Model?
Use the mnemonic: "All People Seem to Need Data Processing".