67 Cards in this Set
- Front
- Back
RA
|
remote access service
aka: network access service |
|
PAP
|
password authentication protocol
*passwords sent in cleartext |
|
CHAP
|
challenge handshake authentication protocol
|
|
RADIUS
|
remote authentication dial-in user service
|
|
TACACS+
|
terminal access controller access-controller system
*can interact with kerberos
*uses port 49 |
|
3 types of authentication
|
-something you know
-something you have
-something you are |
|
kerberos
|
authentication mechanism used in domains and UNIX realms; requires KDC to issue time-stamped tickets
*port 88 |
|
what kind of key is on a smart card
|
a private key
|
|
what is used by smart cards, but not fobs
|
certificates
|
|
KDC
|
key distribution center
|
|
MAC
|
mandatory access control
*uses labels to identify objects
*uses lattice to specify security boundaries |
|
DAC
|
discretionary access control
*every object has an owner who establishes access for any other user |
|
RBAC
|
role based access control
*granted to users based on their jobs or tasks |
|
physical security methods
|
-hardware locks
-ID badges
-door access systems
-proximity cards
-mantraps
-video cameras |
|
logical tokens
|
holds all the SIDs associated with a user
|
|
OSI layers
|
1 physical
2 data
3 network
4 transport
5 session
6 presentation
7 application
*all people seem to need data processing |
|
common protocols on application layer
|
HTTP
HTTPS
FTP
DNS
SMTP
SNMP |
|
common protocols on presentation layer
|
ASCII
EBCDIC
TIFF
JPG |
|
common protocols on session layer
|
SSL
NetBIOS |
|
common protocols on the transport layer
|
TLS
TCP
UDP |
|
common protocols and devices on network layer
|
*routers and layer 3 switches
IP
IPSec
ICMP
ARP |
|
common protocols and devices on network layer
|
*switches
MAC
PPP |
|
common protocols and devices on network layer
|
*Hubs and NICs
Ethernet
Token Ring |
|
ARP
|
address resolution protocol
*resolves IP addresses to the MAC address
*ARP poisoning uses packets giving incorrect MAC address for a host |
|
TCP
|
transmission control protocol
*subject to a SYN flood attack, which holds back the third packet of the handshake |
|
UDP
|
user datagram protocol
*connectionless sessions
*used often with ICMP traffic and streaming audio/video
*used often in DoS attacks |
|
IP
|
Internet Protocol
*IPv4 FTW |
|
IGMP
|
internet group management protocol
*used for multicasting |
|
ICMP
|
internet control message protocol
*used for diagnostics like ping, pathping, and tracert
*many DoS attacks use ICMP
*uses UDP not TCP |
|
HTTPS
|
hypertext transfer protocol over secure socket layer
*port 443 |
|
SNMP
|
simple network management protocol
*used to manage devices like routers and switches
*first version passed clear text passwords; superseded by v2 and v3 |
|
FTP port
|
20,21
|
|
SSH
|
22
|
|
Telnet
|
23
|
|
SMTP
|
25
|
|
TACACS
|
49
|
|
DNS
|
53
|
|
Kerberos
|
88
|
|
HTTP
|
80
|
|
SSL
|
443
|
|
HTTPS
|
443
|
|
NNTP
|
119
|
|
IMAP4
|
143
|
|
LDAP
|
389
|
|
LDAP/TLS
|
636
|
|
LDAP/SSL
|
636
|
|
POP3
|
110
|
|
L2TP
|
1701
|
|
PPTP
|
1723
|
|
Terminal Services
|
3389
|
|
SMTP
|
simple mail transport protocol
|
|
POP3
|
post office protocol v3
|
|
IMAP4
|
internet message access protocol; IMAP4 allows the user to organize and manage email in folders on the server
|
|
SSL
|
secure sockets layer protocol
*encrypts many types of traffic like HTTPS or LDAP
*operates on session layer |
|
TLS
|
transport layer security protocol
*replacement for SSL
*operates on transport layer |
|
IPSec
|
internet protocol security
*used to encrypt IP traffic on network layer
*notably used to encrypt L2TP |
|
Most common tunneling protocols used for VPNs
|
L2TP and PPTP
1701 and 1723 |
|
common port scanners
|
Nmap and Superscan
|
|
NAT
|
network address translation
*translates public IP addresses to private IP addresses |
|
MAC flooding
|
switch has limited amount of memory for internal table; when filled, a switch can default to "failopen" mode
|
|
stateful firewall
|
a stateful firewall can examine multiple packets involved in a network connection; only packets involved in a legitimate connection or network conversation are allowed
|
|
firewall usage
|
content filtering
firewall logs
network-based
host-based (software) |
|
HIDS
|
host-based intrusion detection system
*servers and workstations |
|
NIDS
|
network-based intrusion detection system
*routers and firewalls |
|
honeypot
|
a server on a network that is used to divert attackers from the live network by looking easier to attack
|
|
honeynet
|
group of virtual servers that mimic a live network
|
|
NIPS
|
network intrusion prevention system
*NIPS is placed in line instead of acting as a sensor, which allows it to react much more quickly than NIDS |