Secure Protocols, OS & Email Security

Question 1

Secure equivalent of Telnet

Answer 1

Secure shell (SSH) → encrypted remote access protocol that replaces Telnet by protecting credentials and session data from interception while allowing secure command-line management of systems.

tcp/22

Question 2

Secure equivalent of HTTP

Answer 2

Hypertext transfer protocol secure (HTTPS) → secure version of HTTP that uses transport layer security encryption to protect web traffic from eavesdropping, tampering, and man-in-the-middle attacks.

tcp/443

Question 3

Secure equivalent of IMAP

Answer 3

Internet message access protocol secure (IMAPS) → encrypted version of IMAP that protects email messages and credentials while mail is accessed from a server. Allows you to sync email across different devices securely

tcp/993

Question 4

Secure equivalent of FTP

Answer 4

Secure file transfer protocol (SFTP) → secure file transfer protocol that runs over secure shell to encrypt authentication and file data, replacing insecure FTP.

tcp/22

Question 5

Active Directory

Answer 5

Active Directory → centralized directory service that stores information about network resources such as users, computers, groups, printers, and file shares, and manages authentication and access control, commonly used by help desk teams.

Question 6

Group Policy

Answer 6

Group Policy → centralized management feature used with Active Directory that enforces security settings, configurations, and restrictions across users and computers in a domain.

Question 7

SELinux

Answer 7

Security-enhanced Linux (SELinux) → Linux security module that enforces mandatory access control policies to restrict what processes and users can do, even if they are compromised.

Question 8

MAC in Linux

Answer 8

Mandatory access control (MAC) in Linux → access control model where permissions are enforced by the system admin using security policies rather than user ownership, providing stronger protection against privilege misuse.

Question 9

DAC in Linux

Answer 9

Discretionary access control (DAC) in Linux → access control model where resource owners control permissions, allowing flexibility but increasing risk if users misconfigure access.

This is the default in Linux

Question 10

Mail Gateway

Answer 10

Mail gateway → security system that evaluates inbound and outbound email at the network edge or in the cloud, blocking malicious messages before they reach user inboxes.

Question 11

DNS Records

Answer 11

Domain name system records → configuration entries that define how domain-related services such as email, websites, and authentication behave on the internet.

Question 12

TXT Record

Answer 12

Text record (TXT record) → domain name system record used to store arbitrary text, commonly used to support email authentication and domain verification.

Question 13

SPF Record

Answer 13

Sender policy framework (SPF) record → domain name system record that specifies which mail servers are authorized to send email on behalf of a domain, helping prevent spoofing.

Question 14

DKIM Record

Answer 14

Domain keys identified mail (DKIM) record → email authentication method that uses digital signatures to verify message integrity and confirm the sending domain has not been altered.

Question 15

DMARC Record

Answer 15

Domain-based message authentication, reporting, and conformance (DMARC) record → policy that ties sender policy framework and domain keys identified mail together to tell receiving servers how to handle unauthenticated email and provide reporting.