mgeorgeff's version from 2017-06-19 14:19

Section 1

Question Answer
RADIUS UDP 1812/1813 (Layer 7)
DHCP UDP 67/68 (Layer 7)
IPsec (for VPN with IKE)UDP 500 (Layer 3)
kerberosTCP/UDP 88 (Layer 5)
SMBtcp 445
LDAPtcp 389
FTPS SSL/TLStcp 989/990
PPTPTCP 1723 used with VPN's
IMAP4tcp 143 stores mail on servers and lets users manage mail on the servers
snmpudp 161
snmp trapudp 162
pop ssl/tlstcp 995
imap ssl/tlstcp 993
ldap ssl/tls636
smtp ssl/tlstcp 465
md5128 bit
sha1160 bit
sha2224,256 bit
hmac-md5128 bit
aes128 bit block - 128/192/256 bit key size Advanced encryption standard fast and secure
des64 bit block - 56 bit key
3des64 bit block - 56/112/168 bit key
blowfish64 bit block - 32-448 bit key
twofish128 bit block - 128/192/256 bit key
rc4stream - 40-2048 bit keys
FTP datatcp 20
ftp controltcp 21
SSH - SCP/SFTPtcp 22
telnettcp 23
smtptcp 25
tacacstcp 49
dns queriesUDP 53
dns zone transferstcp 53
TFTPudp 69
HTTPtcp 80
httpstcp 443
pop3tcp 110
rdptcp/udp 3389
HMAChash based message authentication code - uses shared secret key used with SSL/TLS HMAC-MD5 and HMAC-SHA1
aes 256256 bit keys and blowfish is faster
ALEannual loss expectancy identifies the expected annual loss and is used to measure risk with ARO and SLE in a quantitative assessment SLExARO=SLE
BCPBusiness Continuity Plan - plans organize and predict potential outages of critical services or functions includes disaster recovery elements that provide the steps used to return critical functions to operation after an outage. BIA is part of BCP and BIA drives decisions to create failover clusters or alternate sites.
BIAbusiness impact analysis identifies systems and componenets that are essential to success. identifies areas that can impact systems and components maximum downtime limits and potential losses helps identify RTO and RPO's
BPAbusiness partners agreement. details the relationship buisness partners with obligations toward the partnership.
CPcontigency planning plans for contingencies to keep the business operational in event of disaster. BCP's include CP
CSRcertificate signing request - request a cert from a CA. starts by creating RSA based private/public keys and including the public key in the CSR.

Section 2

Question Answer
email digital signaturessenders private key encrypts signs. senders publilc key decrypts
email encryptionrecipients public key encrypts. recipients private key decrypts
how do you know there is a digital signaturejust by kowing a private key is encrypting
what/who encrpyts the email meesagerecipients public key
who decrpyts the email messagerecipients private key decrypts
TLSreplaces SSL
IPSECnative to ipv6 not native to ipv4 uses hmac with AH
HTTPSuses SSL or TLS to encrypt traffic over port 443
transport encryptionSSH,IPSEC,HTTPS,SSL,TLS
public key infrastructurerequires trust between CA's and most are hierarchical and centralized with a root CA
symmetric encryptionuses same key to encrypt and decrypt data
SSHport 22 encrypts FTP as SFTP and is used with SCP
TLS/SSLuse certificates and can encrypt SMTP and LDAP.
SFTPSSH port 22
FTPSSSL and TLS to encrypt over port 989/990
TFTPtiny bits of data UDP 69
AAAAIPv6 DNS records
ADNS IPv4 records
OSI modelall people seem to need data processing - app,presen,session,transport,network,data,physical
layer 3network - router,switch, ipv4, ipv6, ipsec, icmp
layer 4transport - TCP,UDP
layer 7application -
802.1xport based authentication protocolwirelss can use WPA2 enterprise mode implemented as a radius server
AHauthentication header in IPSEC. provides authentication and integrity using HMAC