Cloned from: Security +






Front Back
FTP

File Transfer Protocol
TCP Port 21
SMTP/SMTPS

Simple Message Transfer Protocol/secure
TCP Port 23/465
DNS

Domain Name Service
TCP and UDP Port 53
TFTP

Trivial File Transfer Protocol
UDP Port 69
HTTP/HTTPS

Hyper Text Transfer Protocol/Secure
TCP Port 80/443
Authentication factors (5)
  • something you are
  • something you know
  • something you have
  • time of day
  • location
Kerberos
  • TCP Port 88
  • uses symmetric
  • single sign on
Kerberos Process
  • principal (idea)
  • Authentication Server (AS) - ticketmaster.com
  • Ticket Granting Server (TGS) - print will call ticket
  • Resource Server - gate guard
CHAP

Challenge Handshake Authentication Protocol
  • 3 way handshake (challenge,response hash, success/failure)
  • prevents replays
AAA Systems

-authentication
-authorization
-accounting
radius = UDP Port 1812/1813, encrypts password

tacacs+ = TCP Port 49, more flexible, encrypts entire
802.1X
-port based authentication protocol
-device access control
Hashing
  • output called digest
  • integrity - ensures no change
  • one way function, can't be reversed to decode
  • salting
Hashing

-MD5
128 Bit
Hashing

-SHA1
160 Bit; NSA; Most secure
Steganography
System by which a message is hidden so that only the sender and recipient realize a message is being transmitted
NTLM/LM
password encryption
Digital Signatures
  • non-repudiation
  • sender's private key encrypts message hash
  • s/mime
  • pgp
Symmetric key algorithm
  • confidentiality
  • bulk
  • secret key
  • conventional
Symmetric

-DES
  • 56 Bit
  • modified lucifer
  • oldest
Symmetric

-3DES
  • 168 Bit Key
  • 129 Bit Strength
  • used in PGP
  • slowest of the fast
Symmetric

-AES
  • 128, 192, 256 Bit Keys
  • replaced DES standard
Symmetric

-CAST
  • 40 Bit to 128 Bit key
  • very fast and efficient
  • PGP
Symmetric -RC4/5
RC4 - stream WEP

RC5 - block up to 2,048 Bit
Symmetric

-OTP (one time pad)
plain text message with a key of equal length, unbreakable
Asymmetric
  • symmetric key exchange
  • integrity, non-repudiation, authentic
  • slower than symmetric
  • public/private key pair
Asymmetric

-Diffie-Hellman
  • oldest
  • key exchange only
  • web - very little
  • ipsec - often
Asymmetric

-RSA
  • factorized by large primes
  • web transactions
Asymmetric

-el gamal
  • based on diffie hellman
  • PGP
PKI

-Public Key Infrastructure
system with services implemented and delivered using public key technologies includes
-CAs and digital certificate
-non-repudiation and key management
Digital Certificates
(authentication)
certificate based authentication types:
-one to one or many to one
-CA signs to bind public key to subject identity and corresponding private key
-required for HTTPS or S/MIME to work
-X.509v3 most common standards
-contains public key, validity and expiration dates
-expires b/c brute force will happen
SSL

-40 or 128 Bit
-session layer between transport and application
-uses asymmetric for key exchange
-symmetric for data confidentiality
IPSEC

-Internet Protocol Security
-network layer, combined with L2TP for secure VPN
-AH (authentication header) provides data integrity
-transport encryption...data encryption only
-tunnel....data and header encrypted
WIRELESS

802.11 (a,b,g,n,i)
802.11a - 54Mbps, 5Ghz, OFDM
802.11b - 11Mbps, 2.4Ghz, DSSS
802.11g - 54Mbps, 2.4Ghz, OFDM/DSSS
802.11n - 600Mbps, 5/2.4Ghz, mimo
VPN

(virtual private network)
-most commonly used to communicate securely over the internet
VPN

-protocols
  • PPTP(tcp) - built in encryption
  • L2TP(udp) - needs IPSEC to encrypt, better of the 2
Sniffing
&
--Countermeasures
-passive access
-common for email, file, and print servers

--encryption, switches
Active Access
&
--Countermeasures
-snooping: going through files or belongings

--strong authentication, encryption, physical security, PKI
DOS
(denial of service)
denies legitimate users access to PC or service
Smurf/Fraggle

--Countermeasures
-smurf- spoof source IP, ping network broadcast
-fraggle- uses connectionless UDP to overload service ports

--ACL anti-spoofing rule, block ICMP, block ICMP broadcast
DDos

--Countermeasures
-uses multiple PCs (zombie)

--AV, patches, IDS
Replay/Playback
capturing communications and sending it back to a PC while pretending to be a client

--kerberos, pki, chap
Firewall
software or hardware that allows only authorized traffic
application-proxy
-operates at application layer (7) and usually provides NAT
-stateful packet on all layers
C.I.A.
-confidentiality, integrity, availability
-key areas protected by IT systems and network security efforts
class C fire...
CO2
acceptable use policy
describes methods of and purposes for accessing systems
disaster recovery plan
plan is the most important item to have to recover from next disaster
risk identification
1st step, identify assets

when under attack...
first action should be to contain the problem by disconnecting the cable
software updates
ideally come from the manufacturer's site; should first be tested on non-production systems