What is SRTP ?
Secure Real Time Protocol (or Secure RTP) use AES to encrypt the conversation over voice/video flow
What is NTP & NTPsec ?
- Network Time Protocol (NTP) is a networking protocol for clock synchronization between computer systems
- NTPsec: NTP secure version
What is S/MIME ?
Secure/ Multipurpose Internet Mail Extensions is a public key encryption mechanism that allows to protect the information using encryption and to provide digital signatures for integrity. It require PKI in place in order to manage these keys
What is Secure POP and Secure IMAP ?
It use a STARTTLS extension to encrypt POP3 with SSL or use IMAP with SSL
What is MIME protocol?
Multipurpose Internet Mail Extensions is an extension of the original Simple Mail Transport Protocol (SMTP) email protocol. It lets users exchange different kinds of data files, including audio, video, images and application programs, over email.
What are POP and IMAP protocol?
- POP: post office protocol is the most commonly used message request protocol in the Internet world for transferring messages from an e-mail server to an e-mail client. With POP3, the e-mail client requests new messages from the e-mail server, and the server “pops” all new messages out to the client.
- IMAP: POP3 downloads emails from a server to a single computer, making those emails only accessible on that specific computer. IMAP stores emails on a server and then syncs them across multiple devices. IMAP is more advanced than POP3 and allows you to access your email from anywhere, and on any device.
What is the difference between POP and SMTP ?
SMTP (“Simple Mail Transfer Protocol”) is used for sending and delivering from a client to a server via port 25: it’s the outgoing server. On the contrary, POP (“Post Office Protocol”) allows the user to pick up the message and download it into his own inbox: it’s the incoming server.
What is web protocol to make it secure ?
SSL/TLS which is use with HTTP protocol (HTTPS). It uses public key encryption methods and use public and private key paired in order to transfer symmetric key across the network so that a session key can then be used symmetrically during the communication
What is IPsec ?
Security for OSI Layer 3 and provide authentication and encryption for every packet.
It also provide packet signing for integrity and anti replay features.
IPsec use 2 protocols for its implementation
What are the 2 protocols used to implement IPsec ?
- Authentication Header (AH) which provides the integrity
- Encapsulation Security Payload (ESP) that provides the encryption
What is FTPS and SFTP ?
- FTPS: FTP over SSL (FTP-SLL), it uses SSL to provide the encryption
- SFTP: SSH File Transfer Protocol and use SSH to provide the encryption. SFTP also provide file system functionality such as resuming interrupted transfers, directory listings, remote file removal
What is LDAP & LDAPS ?
- Lightweight Directory Access Protocol is a protocol for reading and writing directories over an IP network. It is used in Windows Active Directory, Apple OpenDirectory, Open LDAP etc
- LDAPS: LDAP over SSL
What is SASL ?
Simple Authentication and Security Layer provides authentication using many different methods (i.e Kerberos or client certificate)
What is SSH ?
Secure Shell encrypt terminal communication and replaces Telnet (and FTP)
What is Domain name resolution ?
DNS had no security in the original design making it an easy target for attackers. To fix this DNSSEC was created and it validate DNS responses to provide the origin of the authentication to the DNS and data integrity. This is allow thanks to public key cryptography: hence DNS records are signed w/ trusted 3rd party
How to connect securely to switches and routers?
By using SSH or SNMPv3 (Simple Network Managment Protocol version 3) which provide confidentiality (encrypted data), integrity (no tempering of data), authentication (verifies the source)
How to secure network adress allocation?
Network address are allocated using the DHCP protocol which do not include any built-in security. To enhance the security of DHCP, an additional control outside the DHCP protocol was added using for example with the Active Directory, switches that allow DHCP from trusted interfaces.
-
1.1 Social engineering attacks26
-
1.2 Malware & common attacks35
-
1.3 Application attacks32
-
1.4 Network attacks32
-
1.5 Threat actors, vectors and intelligence sources8
-
1.6 Type of vulnerabilities15
-
1.7 Security assessments techniques13
-
1.8 Penetration test techniques19
-
2.1 Configuration management30
-
2.2 Cloud & Virtualization21
-
2.3 Application dev, deployment and automation23
-
2.4 Authentication & authoriaztion25
-
2.5 Cybersecurity resilience29
-
2.6 Security implications of embedded & specialized systems20
-
2.7 Physical security controls19
-
2.8 Encryption68
-
3.1 Implement secure protocols17
-
3.2 Implement host & application security solutions50
-
3.3 Implement secure network design79
-
3.4 Install & configure wireless security settings26
-
3.5 Implement secure mobile solutions27
-
3.6 Apply cybersecurity solution to the cloud23
-
3.7 Implement identity & account management19
-
3.8 Implement authentication and authorization solutions32
-
3.9 Implement public key infrastructure27
-
4.1 Tool to assess organizational security39
-
4.2 Importance of policies, processes and procedure in Incident response13
-
4.3 Incident, utilize appropriate data sources to support investigation18
-
4.4 Incident, apply mitigation techniques or controls to secure an environment9
-
4.5 Key aspects of digital forensics8
-
5.1 Compare & contrast various types of controls8
-
5.2 Importance of regulations, standards, frameworks that impact security posture12
-
5.3 Importance of policies to organizational security15
-
5.4 Risk management processes and concepts15
-
5.5 Privacy & sensitive data concepts in relation to security7
