1. Home
  2. Flashcards
  3. Preview

Chapter 3

  1. Many protocols store data in cache for temporary access. What type of attack attempts to corrupt the cache with different data?
    poisoning attack
  2. What does TCP/IP stand for?
    Transmission Control Protocol/Internet Protocol
  3. What is the default port for HTTP?
    80
  4. What type of connection protocol uses a three-way handshake?
    TCP (Transmission Control Protocol)
  5. What does UDP stand for?
    User Datagram Protocol
  6. What type of protocol does ICMP traffic and audio/video streaming use?
    UDP(User Datagram Protocol)
  7. How many bits in an IPv6 address?
    • 128-bit 
    • ex: FE80:0000:0000:0000:20D4:3FF7:003F:DE62
  8. How many bits in a IPv4 address?
    • 32-bit 
    • ex: 192.168.1.100
  9. What does ICMP stand for and what is it used for?
    Internet Control Message Protocol is used for testing basic connectivity including tools such as ping, pathping, and tracert.
  10. What does ARP stand for and what does it do?
    Address Resolution Protocol resolves IPv4 addresses to media access control (MAC) addresses.
  11. What is referred to as a physical address or hardware address?
    MAC (Media access control address)
  12. What happens during an ARP poisoning attack?
    ARP poisoning attacks use ARP packets to give clients false hardware address updates and attackers use it to redirect or interrupt network traffic.
  13. What does NDP stand for and what does it do?
    Neighbor Discovery Protocol and it performs functions such as autoconfiguration of device IPv6 addresses and discovers other IPv6 devices on the network.
  14. What does RTP stand for and what does it do?
    The Real-time Transport Protocol delivers audio and video over IP networks. (VOIP devices, streaming media, video teleconferencing apps)
  15. What does SRTP stand for?
    Secure Real-time Transport Protocol
  16. What does FTP stand for and what does it do?
    File Transfer Protocol uploads and downloads large files to and from an FTP server. By default, FTP transmits data in cleartext
  17. What is port 20 used for?
    FTP control signals
  18. What is TCP port 20 used for?
    FTP data
  19. What does TFTP stand for and which port does it use?
    Trivial File Transfer Protocol uses UDP port 69.
  20. What service uses TCP port 22?
    SSH
  21. What does SSL stand for and what does it do?
    The Secure Sockets Layer protocol was the primary method used to secure HTTP traffic as HTTPS. SSL can encrypt other types of traffic such as SMTP and LDAP
  22. What does TLS stand for and what does it replace?
    The Transport layer Security protocol is the designated replacement for ssl.
  23. What does STARTTLS do?
    a command used to upgrade an unencrypted connection to an encrypted connection on the same port.
  24. What does IPsec stand for and what does it do?
    Internet Protocol Security is used to encrypt IP traffic.
  25. What are the two main components of IPsec?
    Authentication Header (AH) identified by protocol ID number 51 and Encapsulating Security Payload (ESP) identified by protocol ID number 50.
  26. What uses the Internet Key Exchange (IKE) over UDP port 500 to create a security association for the VPN?
    IPsec (Internet Protocol Security)
  27. What does SFTP stand for and what is it?
    Secure File Transfer Protocol. It is an extension of SSH to transmit files.
  28. What port does SFTP transmit data using?
    TCP port 22
  29. What does FTPS stand for and what is it?
    File Transfer Protocol Secure is an extension of FTP and uses TLS to encrypt FTP traffic.
  30. What ports do some implementations of FTPS use?
    TCP ports 989 and 990.
  31. What is the Poodle attack?
    Short for Padding Oracle on Downgraded Legacy Encryption. A vulnerable that is found in SSL which is why it is prohibited by NIST To be used to protect sensitive data.
  32. What does SMTP stand for and what port does it use?
    Simple mail transfer protocol. Port 25
  33. What does POP3 stand for and what does it do? Port?
    Post Office Protocol v3 transfers emails from servers down to clients. TCP port 110
  34. What port does Secure POP use?
    TCP port 995. However, STARTTLS is now recommended to create secure connections on port 110 (POP3)
  35. What does IMAP4 stand for  and what does it do? Port?
    Internet Message Access Protocol version 4 is used to store email on an email server. It allows users to organize and manage emails in folders. TCP port 143.
  36. What port does Secure IMAP use?
    TCP port 993 - However STARTTLS is recommended to use TCP 143
  37. What port does HTTPS use?
    443
  38. What does GPO stand for in Active Directory?
    Group Policy Objects
  39. What does RDP stand for? What ports does it use?
    • Remote Desktop Protocol
    • TCP 3389 or UDP 3389
  40. What does NTP stand for and what does it do?
    Network Time Protocol(NTP) is the most commonly used protocol for time synchronization, allowing systems to synch their time to within tens of milliseconds.
  41. What do unique local addresses start with?
    fc00
  42. What makes up an IPv6 IP address?
    eight groups of four hexadecimal characters, separated by colons. Each hexadecimal character is composed of 4 bits.
  43. What does the "A" zone aka host record hold?
    Hostname, IPv4 address
  44. What does the AAAA record hold?
    Hostname and IPv6 address.
  45. What is PTR record also known as and what does it hold?
    Pointer Record. It is the opposite of an A record. Instead of querying with the name of the website, it queries the DNS with the IP address.PTR records are optional so it doesn't always work.
  46. What is the MX record also called and what does it hold?
    Also called mail exchange or mail exchanger. An MX record identifies a mail server used for email. The MX record is linked to the A record or AAAA record of a mail server.
  47. What is the CNAME record also called and what does it hold?
    A canonical name, or alias, allows a single system to have multiple names associated with a single IP address.
  48. What is the SOA record also called and what does it hold?
    The start of authority (SOA) record includes information about the DNS zone and some of its settings. TTL(Time to Live)
  49. What port do DNS servers use for zone transfers?
    TCP port 53. In contrast, name resolution queries  use UDP port 53
  50. What does DNSSEC standf or and what does it do?
    Domain Name System Security Extensions is a suite of extensions to DNS that provides validation for DNS responses. It adds a digital signature to each record that provides data integrity. If a DNS server receives a DNSSEC-enabled response with digitally signed records, the DNS server knows that the response is valid.
  51. What are the Well known ports?
    0 - 1023
  52. What are the registered ports?
    1024 - 49,151
  53. What are the Dynamic and Private Ports?
    49,152 - 65,535
  54. What is implicit deny?
    auto block everything unless you explicitly tell it to allow something.
  55. What is a stateful firewall?
    A stateful firewall inspects traffic and makes decisions based on the context, or state, of the traffic. It keeps track of established sessions and inspects traffic based on its state within a session. It blocks traffic that isn't' part of an established session.
  56. What does WAF stand for?
    Web Application Firewall
  57. What does NAT stand for and what does it do?
    Network Address Translation (NAT) is a protocol that translates public IP addresses to private IP addresses and private addresses back to public.
  58. What does Pat stand for?
    Port Address Translation
  59. According to CompTIA, what is the objectives list for network separation?
    Segregation, segmentation, and isolation.
  60. Because a Layer 3 switch forwards traffic based on the destination IP address instead of the MAC address, it is not susceptible to what type of attack?
    ARP-based attacks
  61. What is a Media Gate way?
    A device that converts data from the format used on one network to the format used on another network. Ex. VoIP gateway allows phone calls to be received by VoIP equipment.
  62. What does UTM stand for?
    Unified threat management is a single solution that combines multiple security controls.
  63. What is a mail gateway?
    A server that examines all incoming and outgoing emails and attempts to reduce risks associated with email.
  64. What does DLP stand for?
    Data Loss Prevention
  65. What does SNMPv3 stand for and what does it do?
    Simple network management protocol version 3 (SNMPv3) monitors and manages network devices, such as routers or switches.
  66. What port does SNMPv3 use?
    UDP port 161. It sends traps (error messages and notifications) on UDP 162.
Author
frk1xx7
ID
350972
Card Set
Chapter 3
Description
Chapter 3
Updated

  1. Home
  2. Flashcards
  3. Preview