39 Cards in this Set
- Front
- Back
L2TP |
Layer 2 tunneling protocol uses IPSEC for encryption |
|
SSH |
Secure Shell TCP 22 |
|
SCP |
Secure copy TCP 22 |
|
SFTP |
Secure File Transfer Protocol FTP over SSH An extension of SSH for transferring files TCP 22 Easier to work across firewalls than FTPS |
|
FTPS |
FTP over SSL TCP 989 (data) TCP 990 (control) Uses SSL and requires a certificate and FTP server. Not supported by all FTP servers More problematic with firewalls because it requires multiple open ports. |
|
TFTP |
Trivial File Transfer Protocol UDP 69 |
|
HTTPS |
HTTP encrypted with SSL/TLS TCP 443 |
|
IPSEC |
IP Security Encrypted tunnel at IP level Used for VPNs, firewalls, etc. TCP & UDP 1293 |
|
ICMP |
Internet Control Message protocol Used by PING. Usually blocked by firewalls |
|
SNMP |
Simple Network Management Protocol V1 in the clear V2 Data enhancements, still in the clear V3 Integrity, authentication & encryption |
|
Kerberos |
Mutual authentication prevents man in the middle attacks. TCP & UDP 88 3 "heads": KDC Key Distribution Center Authentication Service Ticket Granting Service |
|
EAP |
Extensible Authentication Protocol |
|
PEAP |
Protected Extensible Authentication Protocol Encapsulates EAP in a TLS tunnel |
|
LEAP |
Lightweight Extensible Authentication Protocol Cisco proprietary No certificates Based on MS-CHAP, including its shortcomings |
|
WPA |
Wi-Fi Protected Access |
|
WPA2 |
Wi-Fi Protected Access v2 AES with CCMP |
|
WPA2-Enterprise |
Built on TKIP Authentication servers |
|
TKIP |
Temporal Key Integrity Protocol Superseded by AES Every packet gets a unique encryption key Sequence counters protect from replay attacks |
|
CCMP |
Counter mode Cipher block chaining Message authentication Protocol Newer and preferable to TKIP 128 bit key |
|
FCOE |
Fibre Channel over Ethernet Not routable |
|
FCIP |
Fibre Channel over IP Fibre Channel tunneling Routable |
|
LDAP |
Lightweight Directory Access Protocol Based on x.500 spec Uses TLS for encryption |
|
ISCSI |
Internet Small Computer Systems Interface SCSI commands over IP Makes a remote disk look and act like a local drive |
|
TOTP |
Time-based One Time Password Expires after 30 seconds |
|
SAML |
Security Assertion Markup Language XML standard for exchange of authentication & authorization info Used in single sign on solutions |
|
PAP |
Password Authentication Protocol Insecure, clear text |
|
IKE |
Internet Key Exchange UDP 500 a.k.a ISAKMP |
|
CHAP |
Challenge Handshake Authentication Protocol 3 way handshake |
|
LANMAN |
Similar to CHAP Somewhat insecure ASCII |
|
NTLM |
NT LANMAN Updated with Windows NT Unicode 14 characters maximum Stored as 128 bit MD4 hash |
|
NTLM V2 |
NT LANMAN Updated with NT service pack 4 |
|
ISAKMP |
Internet Security And Key Management Protocol UDP 500 a.k.a. IKE Internet Key Exchange |
|
ESP |
Encapsulation Security Payload |
|
OCSP |
Online Certificate Status Protocol |
|
AES |
Advanced Encryption Standard |
|
NDP |
Neighbor Discovery Protocol Used by IPv6 for MAC to IP address resolution |
|
S/MIME |
A protocol for sending digitally signed and encrypted messages. Uses public key encryption. |
|
ESP |
Encapsulating Security Payload. Part of the IPSec suite. Provides both authentication and encryption of data. |
|
What is a weakness of MS-CHAP and MS-CHAPv2? |
Weak 56 bit DES encryption |