Network Security Protocols and Concepts, Exams of Network security

This document covers a wide range of network security protocols, concepts, and tools. It provides information on media access control (MAC) addresses, Oracle system IDs, Berkeley r-commands, file permissions, Wi-Fi communication, wireless security protocols like WEP, TKIP, and WPA/WPA2, authentication protocols like EAP and LEAP, network protocols like Telnet, HTTP, FTP, and SSH, network management protocols like SNMP, file transfer protocols like TFTP, network time synchronization with NTP, network traffic analysis tools, password hashing, domain registration information, DNS concepts, file system permissions, encryption and hashing algorithms, and network security devices like firewalls and switches. This comprehensive coverage of network security topics makes this document a valuable resource for students, network administrators, and security professionals.

Typology: Exams

2024/2025

Available from 10/28/2024

nancy-kimani

CREST CPSA 4, CPSA 5
Internet Protocol Security (IPsec) - ANSWER-a secure network protocol suite
that authenticates and encrypts the packets of data sent over an Internet
Protocol network
Internet Protocol Security (IPsec) - ANSWER-used in virtual private networks
(VPNs)
number of possible TCP ports - ANSWER-65535
number of possible UDP ports - ANSWER-65535
RFC1918 24-bit block - ANSWER-10.0.0.0/8
RFC1918 20-bit block - ANSWER-172.16.0.0/12
RFC1918 16-bit block - ANSWER-192.168.0.0/16
Common Vulnerabilities and Exposures (CVE) - ANSWER-provides a
reference-method for publicly known information-security vulnerabilities and
exposures
Common Vulnerability Scoring System (CVSS) - ANSWER-an open industry
standard for assessing the severity of computer system security
vulnerabilities
DREAD - ANSWER-part of a system for risk-assessing computer security
threats
Common Weakness Enumeration (CWE) - ANSWER-a category system for
software weaknesses and vulnerabilities
National Vulnerability Database (NVD) - ANSWER-the U.S. government
repository of standards-based vulnerability management data represented
using the Security Content Automation Protocol (SCAP)
500 - ANSWER-Internal Server Error
501 - ANSWER-Not Implemented
502 - ANSWER-Bad Gateway
503 - ANSWER-Service Unavailable

504 - ANSWER-Gateway Timeout
505 - ANSWER-HTTP Version Not Supported

413 - ANSWER-Payload Too Large
426 - ANSWER-Upgrade Required
429 - ANSWER-Too Many Requests
threat - ANSWER-a source of potential disruption, which has the potential to cause a risk
risk - ANSWER-the combination of consequences of a threat occurring and the likelihood of it doing so
inherent risk - ANSWER-the risk that an event will occur which may negatively affect the achievement of organisation's objectives, assuming there are no controls in place
residual risk - ANSWER-the risk which remains after taking controls into account
Session Initiation Protocol (SIP) - ANSWER-a signaling protocol used for initiating, maintaining, and terminating real-time sessions that include voice, video and messaging applications
SIP requests - ANSWER-REGISTER; INVITE; ACK; BYE; CANCEL; UPDATE; REFER; PRACK; SUBSCRIBE; NOTIFY; PUBLISH; MESSAGE; INFO; OPTIONS
IPsec security architecture - ANSWER-Authentication Headers (AH); Encapsulating Security Payloads (ESP); Security Associations (SA) - Internet Security Association and Key Management Protocol (ISAKMP); Internet Key Exchange (IKE and IKEv2)
LM - ANSWER-all passwords are converted into uppercase before generating the hash value
LM - ANSWER-password length is limited to maximum of 14 characters
LM - ANSWER-a 14-character password is broken into 7+7 characters and the hash is calculated for the two halves separately
LM - ANSWER-if the password is 7 characters or less, then the second half of hash will always produce same constant value (AAD3B435B51404EE)
LM - ANSWER-the hash value is sent to network servers without salting
LM - ANSWER-uses DES
128 bits - ANSWER-LAN Manager (LM) hash size:

Net-NTLM - ANSWER-used for network authentication
Net-NTLM - ANSWER-get these hashes when using tools like Responder or Inveigh
Net-NTLMv1 - ANSWER-uses DES
Net-NTLMv2 - ANSWER-uses HMAC-MD
128 bits - ANSWER-Network New Technology LAN Manager (Net-NTLM) hashes size:
NTLM - ANSWER-get these hashes when dumping the SAM database of any Windows OS, a Domain Controller's Ntds.dit database or from Mimikatz
NTLM - ANSWER-uses MD
128 bits - ANSWER-New Technology LAN Manager (NTLM) hash size:
NTLM - ANSWER-You CAN perform Pass-The-Hash attacks with these hashes
Net-NTLM - ANSWER-You CANNOT perform Pass-The-Hash attacks with these hashes
nbtstat; nbtscan - ANSWER-NetBIOS scanning tools:
nbtstat - ANSWER-a command line utility that is integrated in Windows systems and it can unveil information about the NetBIOS names and the remote machine name table or local but only for one host
nbtscan - ANSWER-a NetBIOS nameserver scanner which has the same functions as nbtstat but it operates on a range of addresses instead of one
PEAP - ANSWER-a protocol that encapsulates the Extensible Authentication Protocol (EAP) within an encrypted and authenticated Transport Layer Security (TLS) tunnel
LEAP - ANSWER-a proprietary wireless LAN authentication method developed by Cisco Systems
LEAP - ANSWER-uses WEP
stream cipher (symmetric) - ANSWER-Rivest Cipher 4 (RC4)
symmetric-key block cipher - ANSWER-Rivest Cipher 5 (RC5)
symmetric-key block cipher - ANSWER-Data Encryption Standard (DES)

domain

computer worm - ANSWER-What is Code Red?
Internet Information Services (IIS) 5.0 - ANSWER-MS01-033 basis
Code Red - ANSWER-The MS01-033 vulnerability was used by which malware?
computer worm - ANSWER-What is Conficker?
Conficker - ANSWER-The MS08-067 vulnerability was used by which malware?
computer worm - ANSWER-What is Blaster?
Distributed Component Object Model (DCOM) - ANSWER-MS03-026 basis
Blaster - ANSWER-The MS03-026 vulnerability was used by which malware?
computer worm - ANSWER-What is Nimda?
Local Security Authority Subsystem Service (LSASS) - ANSWER-MS04- basis
Internet Explorer - ANSWER-MS10-002 basis
Aurora - ANSWER-MS10-002 name
KiTrap0D - ANSWER-MS10-015 name
Print Spooler Service - ANSWER-MS10-061 basis
OK - ANSWER-
Created - ANSWER-
Accepted - ANSWER-
Non-Authoritative Information - ANSWER-
No Content - ANSWER-
Reset Content - ANSWER-
300 - ANSWER-Multiple Choices
301 - ANSWER-Moved Permanently
302 - ANSWER-Found

Spanning Tree Protocol (STP) - ANSWER-a network protocol that builds a loop-free logical topology for Ethernet networks
Terminal Access Controller Access-Control System Plus (TACACS+) - ANSWER-a protocol developed by Cisco that handles authentication, authorisation, and accounting (AAA) services
Voice over Internet Protocol (VoIP) - ANSWER-a methodology and group of technologies for the delivery of voice communications and multimedia sessions over Internet Protocol (IP) networks, such as the Internet
Session Initiation Protocol (SIP) - ANSWER-a signaling protocol used for initiating, maintaining, and terminating real-time sessions that include voice, video and messaging applications
IEEE 802.11 - ANSWER-part of the IEEE 802 set of LAN protocols, and specifies the set of media access control (MAC) and physical layer protocols for implementing wireless local area network (WLAN) Wi-Fi computer communication in various frequencies, including but not limited to 2, 4, 5, and 60 GHz frequency bands
Kismet - ANSWER-passive scanner on Linux
Wired Equivalent Privacy (WEP) - ANSWER-both XXX-40 and XXX-104 were deprecated in 2004
Temporal Key Integrity Protocol (TKIP) - ANSWER-deprecated in 2012
Wi-Fi Protected Access / Wi-Fi Protected Access II (WPA/WPA2) - ANSWER-defined in response to serious weaknesses researchers had found in the previous system, Wired Equivalent Privacy (WEP)
Extensible Authentication Protocol (EAP) - ANSWER-an authentication framework frequently used in wireless networks and point-to-point connections
Lightweight Extensible Authentication Protocol (LEAP) - ANSWER-a proprietary wireless LAN authentication method developed by Cisco
Protected Extensible Authentication Protocol (PEAP) - ANSWER-a protocol that encapsulates the Extensible Authentication Protocol (EAP) within an encrypted and authenticated Transport Layer Security (TLS) tunnel
Teletype Network (Telnet) - ANSWER-a protocol used on the Internet or local area network to provide a bidirectional interactive text-oriented communication facility using a virtual terminal connection

Teletype Network (Telnet) - ANSWER-does not encrypt any traffic sent over the connection by default
Hypertext Transfer Protocol (HTTP) - ANSWER-an application protocol for distributed, collaborative, hypermedia information systems
Hypertext Transfer Protocol (HTTP) - ANSWER-does not encrypt any traffic sent over the connection
Hypertext Transfer Protocol Secure (HTTPS) - ANSWER-used for secure communication over a computer network, and widely used on the Internet
File Transfer Protocol (FTP) - ANSWER-a standard network protocol used for the transfer of computer files between a client and server on a computer network
File Transfer Protocol (FTP) - ANSWER-does not encrypt any traffic sent over the connection
Secure Shell (SSH) - ANSWER-a cryptographic network protocol for operating network services securely over an unsecured network
Simple Network Management Protocol (SNMP) - ANSWER-an Internet Standard protocol for collecting and organising information about managed devices on IP networks and for modifying that information to change device behaviour
using SNMP to attack a network - ANSWER-the SNMP implementation of Cisco 11.0 and 12.0 is vulnerable to certain denial of service attacks
SNMP authentication - ANSWER-SNMP v1 sends passwords in clear-text over the network
SNMP autodiscovery - ANSWER-in SNMP v1 and v2c the community string is broadcast in clear-text to other devices
Trivial File Transfer Protocol (TFTP) - ANSWER-a simple lockstep File Transfer Protocol which allows a client to get a file from or put a file onto a remote host
Trivial File Transfer Protocol (TFTP) - ANSWER-includes no login or access control mechanisms
Cisco Reverse Telnet - ANSWER-allows you to telnet to a device then from that device connect to the console of another device
Network Time Protocol (NTP) - ANSWER-a networking protocol for clock synchronisation between computer systems over packet-switched, variable-latency data networks

HINFO - ANSWER-intended to provide information about host CPU type and operating system
Canonical Name (CNAME) - ANSWER-subdomain to a domain's A record
Usenet newsgroup - ANSWER-a repository usually within the Usenet system, for messages posted from many users in different locations using Internet
-rwxr-xr-x - ANSWER-a regular file whose user class has full permissions and whose group and others classes have only the read and execute permissions
0740 - ANSWER--rwxr-----
archive, hidden, system, read-only - ANSWER-traditionally, in Microsoft Windows, files and folders accepted four attributes:
filesystem Access Control List (ACL) - ANSWER-a data structure (usually a table) containing entries that specify individual user or group rights to specific system objects such as programmes, processes, or files
encryption - ANSWER-transforms data into another format in such a way that only specific individual(s) can reverse the transformation
encoding - ANSWER-transforms data into another format using a scheme that is publicly available so that it can easily be reversed
symmetric encryption - ANSWER-uses the same cryptographic keys for both encryption of plaintext and decryption of ciphertext
asymmetric encryption - ANSWER-uses pairs of keys: public keys which may be disseminated widely, and private keys which are known only to the owner
symmetric-key block cipher - ANSWER-DES - Data Encryption Standard
64 bits - ANSWER-DES block sizes:
56 bits - ANSWER-DES key sizes:
symmetric-key block cipher - ANSWER-3DES - Triple Data Encryption Standard
64 bits - ANSWER-3DES block sizes:
168, 112, or 56 bits - ANSWER-3DES key sizes:
symmetric-key block cipher - ANSWER-AES - Advanced Encryption Standard

128 bits - ANSWER-AES block sizes:
128, 192, or 256 bits - ANSWER-AES key sizes:
public-key cryptosystem - ANSWER-RSA - Rivest-Shamir-Adleman
1024 - 4096 bits - ANSWER-RSA key sizes:
Secure Hash Algorithm 1 (SHA1) - ANSWER-cryptographic hash function which takes an input and produces a 160-bit hash value known as a message digest - typically rendered as a hexadecimal number, 40 digits long
512 bits - ANSWER-SHA1 block sizes:
Message-Digest algorithm (MD5) - ANSWER-hash function producing a 128-bit hash value
512 bits - ANSWER-MD5 block sizes:
message integrity codes - ANSWER-a short piece of information used to authenticate a message - in other words, to confirm that the message came from the stated sender (its authenticity) and has not been changed
Hash-based Message Authentication Code (HMAC) - ANSWER-a specific type of Message Authentication Code (MAC) involving a cryptographic hash function and a secret cryptographic key
firewall - ANSWER-a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules
firewall - ANSWER-often categorised as either network firewalls or host-based firewalls
network access control list - ANSWER-a network filter utilised by routers and some switches to permit and restrict data flows into and out of network interfaces
router - ANSWER-a networking device that forwards data packets between computer networks
switch - ANSWER-a computer networking device that connects devices on a computer network by using packet switching to receive, process, and forward data to the destination device
Secure Sockets Layer (SSL) - ANSWER-a set of cryptographic protocols designed to provide communications security over a computer network

Nmap - ANSWER-almost all active fingerprinting is done with:
passive fingerprinting - ANSWER-sniffs TCP/IP ports, rather than generating network traffic by sending packets to them
application layer - ANSWER-
presentation layer - ANSWER-
session layer - ANSWER-
transport layer - ANSWER-
network layer - ANSWER-
data link layer - ANSWER-
physical layer - ANSWER-
port scanner - ANSWER-an application to probe a server or host for open ports
Nmap - ANSWER-used to discover hosts and services on a computer network by sending packets and analysing the responses
-sS - ANSWER-TCP SYN (Stealth) Scan
-sT - ANSWER-TCP Connect Scan
-sU - ANSWER-UDP Scan
-sO - ANSWER-IP Protocol Scan
-p - ANSWER-selecting ports
-T0 through -T5 - ANSWER-these timing templates affect many variables to adjust overall Nmap speed from very slow (-T0) to extremely aggressive (T5)
--max-rtt-timeout - ANSWER-the maximum amount of time to wait for a port scan probe response
--max-retries - ANSWER-the maximum number of port scan probe retransmissions to a single port
--scan-delay - ANSWER-wait at least the given amount of time between sending probes to any individual host

-v - ANSWER-increase the verbosity level
-vv - ANSWER-further increase the verbosity level
-oA - ANSWER-output to all formats (.nmap, .xml, .gnmap)
-6 - ANSWER-scan the target using the IPv6 protocol
network sniffer - ANSWER-computer programme or piece of computer hardware that can intercept and log traffic that passes over a digital network or part of a network
ping - ANSWER-measures the round-trip time for messages sent from the originating host to a destination computer that are echoed back to the source
ping - ANSWER-operates by sending Internet Control Message Protocol (ICMP) echo request packets to the target host and waiting for an ICMP echo reply
-s - ANSWER-specifies the number of data bytes to be sent
-c - ANSWER-stop after sending count ECHO_REQUEST packets
-w - ANSWER-specify a timeout, in seconds, before ping exits regardless of how many packets have been sent or received
-t - ANSWER-set the IP Time To Live (TTL)
-i - ANSWER-wait interval seconds between sending each packet
-R - ANSWER-record route
ping sweep - ANSWER-a method that can establish a range of IP addresses which map to live hosts
fping - ANSWER-a tool used for ping sweeps
Internet Protocol version 4 (IPv4) - ANSWER-uses 32-bit addresses (represented as 4 groups of 4 decimal numbers with the groups being separated by full stop)
Internet Protocol version 6 (IPv6) - ANSWER-uses 128-bit addresses (represented as 8 groups of 4 hexadecimal digits with the groups being separated by colons)
Transmission Control Protocol (TCP) - ANSWER-provides reliable, ordered, and error-checked delivery of a stream of octets between applications running on hosts communicating via an IP network

Flexible Single Master Operations - ANSWER-FSMO
Hypertext Markup Language - ANSWER-HTML
Hypertext Transfer Protocol - ANSWER-HTTP
Inter Asterisk eXchange - ANSWER-IAX
Internet Server Application Programming Interface - ANSWER-ISAPI
Network File System - ANSWER-NFS
Protected Extensible Authentication Protocol - ANSWER-PEAP
Public Key Infrastructure - ANSWER-PKI
Remote Authentication Dial In User Service - ANSWER-RADIUS
Rivest Shamir Adleman - ANSWER-RSA
Supervisory Control And Data Acquisition - ANSWER-SCADA
Session Initiation Protocol - ANSWER-SIP
Start Of Authority - ANSWER-SOA
Simple Object Access Protocol - ANSWER-SOAP
Structured Query Language - ANSWER-SQL
Secure Shell - ANSWER-SSH
Spanning Tree Protocol - ANSWER-STP
Temporal Key Integrity Protocol - ANSWER-TKIP
Universal Description Discovery and Integration - ANSWER-UDDI
User Datagram Protocol - ANSWER-UDP
Wired Equivalent Privacy - ANSWER-WEP
Wi-fi Protected Access - ANSWER-WPA
Web Services Description Language - ANSWER-WSDL

application pen testing - ANSWER-finds technical vulnerabilities
infrastructure pen testing - ANSWER-examines servers, firewalls and other hardware for security vulnerabilities
black box - ANSWER-no information is provided to the penetration tester
white box - ANSWER-full information is provided, for example network maps and access to development staff
Computer Misuse Act 1990 - ANSWER-originally nothing to make DOS attacks illegal
Computer Misuse Act 1990 - ANSWER-modifications in Police and Justice Act 2006 changed Section 3
Computer Misuse Act 1990 - ANSWER-made DDOS via botnets illegal
Human Rights Act 1998 - ANSWER-Article 8 - right to respect for private and family life, home and correspondence
Data Protection Act 1998 - ANSWER-Section 55 - unlawful obtaining etc. of personal data
Police and Justice Act 2006 - ANSWER-made amendments to the Computer Misuse Act 1990
Police and Justice Act 2006 - ANSWER-made it illegal to perform DOS attacks
Police and Justice Act 2006 - ANSWER-made it illegal to supply and own hacking tools
Police and Justice Act 2006 - ANSWER-increased penalties of Computer Misuse Act 1990
risk of pen testing - ANSWER-degradation or loss of services
risk of pen testing - ANSWER-disclosure of sensitive information
TCP 548 - ANSWER-Apple Filing Protocol (AFP) over TCP
TCP 179 - ANSWER-Border Gateway Protocol (BGP)
UDP 67 - ANSWER-Bootstrap Protocol (BOOTP) server; Dynamic Host Configuration Protocol (DHCP)
UDP 68 - ANSWER-Bootstrap Protocol (BOOTP) client; Dynamic Host Configuration Protocol (DHCP)