Security+ Set 2
Terms
undefined, object
copy deck
- What is the DSS?
- Digital Signature Standard- provides for non-repudiation of messages
- Does DSS use symmetric or asymmetric keys?
- asymmetric
- What is PEM?
- Privacy Enhanced Mail- public-key encryption similar to S/MIME
- What does PGP use in place of a CA?
- a "web of trust"
- What type of encryption is Kerberos?
- symmetric
- What is X.509 used for?
- digital certificates
- What are tokens also known as?
- One-time passwords
- What type of network is extremely vulnerable to Man in the Middle attacks?
- wireless
- What is smurfing?
- broadcasting echo requests with a falsified source address, overwhelming the owner of the address
- What port does the chargen exploit use?
- TCP 19
- What port does echo use?
- port 7
- What ports does FTP use?
- ports 20 and 21
- What port does FTP use for data?
- port 20
- What port does SSH use?
- port 22
- What port does Telnet use?
- port 23
- What port does SMTP use?
- port 25
- What port does TACACS use?
- port 49
- What ports does DNS use?
- TCP and UDP 53
- What port does POP3 use?
- port 110
- What port does SNMP use?
- port 161
- What port does HTTPS use?
- TCP 443
- What port does RADIUS use?
- port 1812
- What does 802.1x do?
- provides an authentication framework for wired and wirelss networks
- What is TACACS?
- Terminal Access Controller Access Control System
- What advantage does TACACS+ have over TACACS?
- multi-factor authentication
- What protocol is replacing PPTP?
- L2TP
- What two protocols were combined to form L2TP?
- Microsoft's PPTP and Cisco's L2F
- What are the two main components of L2TP?
- L2TP Access Controller (LAC) and L2TP Network Server (LNS)
- What three utilities comprise SSH?
- SSH, Slogon, SCP
- What type of encryption does SSH use?
- RSA PKI
- What two services are provided by IPSec?
- Authentication Header (AH) and Encapsulating Security Payload (ESP)
- What encryption does S/MIME use?
- RSA
- Who developed PGP?
- Phillip R. Zimmerman
- What is PGP primarily used for?
- email encryption
- What type of encryption does PGP use?
- PKI
- What two algorithm options exist for PGP?
- RSA and Diffie-Hellman
- Are SSL sessions stateful or stateless?
- stateful
- What two strengths does SSL come in?
- 40-bit and 128-bit
- What is TLS?
- Transport-Layer Security- a successor to SSL
- What type of encryption does SSL use?
- RSA PKI
- What two layers does TLS consist of?
- TLS Record Protocol and TLS Handshake Protocol
- Are SSL and TLS compatible?
- no
- What is HTTPS?
- HTTP over SSL
- What kind of encryption does HTTPS use?
- 40-bit RC4
- What is Authenticode?
- a method of signing ActiveX controls
- What language is normally used to write CGI scripts?
- Perl
- What is DEN?
- Directory-Enabled Networking- specification for how to store network information in a central location
- What model is DEN based on?
- Common Information Model (CIM)
- What security problem does FTP have?
- authentication sent in cleartext
- What does S/FTP use for encryption?
- SSL
- What are the four WAP layers?
- Wireless Application Environment (WAE); Wireless Session Layer (WSL); Wireless Transport Layer Security (WTLS); Wireless Transport Layer (WTL)
- What is WML?
- Wireless Markup Language- used to create pages for WAP
- What OS do most PBX's use?
- UNIX