Security Infrastructure Flashcards

(93 cards)

1
Q

Logical communication endpoint that exists on a computer or server

A

Port

2
Q

Logical communication opening on a server that is listening for a connection from a client

A

Inbound Port

3
Q

Logical communication opening created on a client in order to call out to a server that is listening for a connection

A

Outbound Port

4
Q

Ports 0 to 1023 are considered well-known and are assigned by IANA

A

Well-Known

5
Q

Ports 1024 to 49151 are considered registered and are usually assigned to proprietary protocols

A

Registered Ports

6
Q

Ports 49152 to 65535 can be used by any application without being registered with IANA

A

Rules governing device communication and data exchange

7
Q

Used to transfer files from host to host: Port 21 (TCP)

A

File Transfer Protocol

8
Q

Provides secure remote terminal access and file transfer capabilities: Port 22 (TCP)

A

SSH, SCP, and SFTP

9
Q

Provides insecure remote control of another machine using a text-based environment: Port 23

A

Telnet

10
Q

Provides the ability to send email over the network: Port 25 (TCP)

A

Simple Mail Transfer Protocol (SMTP)

11
Q

Translates domain names into IP addresses: Port 53 (TCP and UDP)

A

DNS

12
Q

Used as a lightweight file transfer method for sending configuration files on network booting of an operating system: Port 69 (UDP)

A

Trivial File Transfer Protocol

13
Q

Used for insecure web browsing: Port 80 (TCP)

A

HTTP

14
Q

Network authentication protocol

A

Kerberos: Port 88 (UDP)

15
Q

Responsible for retrieving email from a server

A

POP3: Port 110 (TCP)

16
Q

Used for accessing newsgroups

A

Network News Transfer Protocol (NNTP): Port 119 (TCP)

17
Q

Facilitates communication between different system processes

A

Remote Procedure Call (RPC): Port 135 (TCP and UDP)

18
Q

Networking protocol suite

A

NetBIOS: Port 137, 138, and 139 (TCP and UDP)

19
Q

Allows access to email messages on a server

A

Internet Message Access Protocol (IMAP): Port 143 (TCP)

20
Q

Manage network devices

A

SNMP: Port 161 (UDP)

21
Q

Responsible for sending SNMP trap messages

A

SNMP Trap: Port 162 (UDP)

22
Q

Facilitates directory services

A

LDAP: Port 389 (TCP)

23
Q

Provides secure web communication

A

HTTPS: Port 443

24
Q

Used for file and printer sharing over a network

A

Server Message Block (SMB): Port 445 (TCP)

25
Provides secure SMTP communication
SMTP Secure: Port 465 and 587 (TCP)
26
Used for sending log messages
SysLog: Port 514 (UDP)
27
LDAP communication over SSL/TLS
LDAP Secure (LDAPS): Port 636 (TCP)
28
Used for secure email retrieval
Internet Message Access Protocol over SSL/TLS: Port 993
29
Used for secure email retrieval
POP3S: Port 995
30
Used to facilitate communication with MS SQL Server
MS SQL: Port 1433 (TCP)
31
Used for remote authentication, authorization, and accounting
RADIUS: Port 1646 and 1645 (TCP)
32
Used for authentication and accounting as defined by the Internet Engineering Task Force (IETF)
RADIUS UDP: Port 1812 and 1813 (UDP)
33
Enables remote desktop access
RDP: Port 3389 (TCP)
34
Used in a secure syslog that uses SSL/TLS to encrypt the IP packets using a certificate before sending them across the IP network to the syslog collector
Syslog TLS
35
Safeguard network by monitoring and controlling traffic based on predefined security rules
Firewall
36
Acts as a security barrier between the external and internal untrusted networks and internal trusted networks, using a protected host with security measures like a packet-filtering firewall
Screened Subnet (Dual-homed Host)
37
Checks packet headers for traffic allowance based on IP addresses and port numbers
Packet Filtering Firewall
38
Monitors all inbound and outbound network connections and requests
Stateful Firewall
39
Acts as an intermediary between internal and external connections, making connections on behalf of other endpoints
Proxy Firewall
40
Like a SOCKS firewall, operates at layer 5 of the OSI model
Circuit Level
41
Has minimal impact on network performance while thoroughly inspecting packets across all layers
Kernel Proxy Firewall (Fifth Generation Firewall)
42
Aims to address the limitations of traditional firewalls by being more aware of applications and their behavior
Next-Generation Firewall (NGFW)
43
Provides the ability to conduct multiple security functions in a single appliance
UTM
44
Focuses on the inspection of the HTTP traffic
Web Application Firewall (WAF)
45
Filters based on port numbers and protocols, without inspecting packet content
Layer 4 Firewall
46
Inspects and controls traffic based on data content and application characteristics
Layer 7 Firewall
47
A rule set that is placed on firewalls, routers, and other network infrastructure devices that permit or allow traffic through a particular interface
ACL
48
Responsible for detecting unauthorized network access or attacks
Network Intrusion Detection System (NIDS)
49
Monitors the traffic coming in and out of a network
Network IDS (NIDS)
50
Looks at suspicious network traffic going to or from a single server or endpoint
Host-Based IDS (HIDS)
51
Detects attempts to cause a denial of service on a wireless network
Wireless IDS
52
Analyzes traffic based on defined signatures and can only recognize attacks based on previously identified attacks in its database
Signature-based IDS
53
Analyzes traffic and compares it to a normal baseline of traffic to determine whether a threat is occurring
Anomaly-based/Behavior-based IDS
54
Scans traffic to look for malicious activity and takes action to stop it
IPS
55
Dedicated hardware device with pre-installed software that is designed to provide specific networking services
Network Appliances
56
Crucial component in any high-availability network or system that is designed to distribute network or application traffic across multiple servers
Load Balancer
57
Intermediary between a client and a server to provide various services like content caching, request filtering, and login management.
Proxy Server
58
Designed to monitor, detect, and analyze traffic and data flow across a network in order to identify any unusual activities, potential security breaches, or performance issues
Network Sensor
59
Dedicated gateway used by system administrators to securely access devices located in different security zones within the network.
Jump Server/Jump Box
60
Common security feature found on network switches that allows administrators to restrict which devices can connect to a specific port based on the network interface card's MAC address
Port Security
61
Used to store information about the MAC addresses that are available on any given port of the switch
Content Addressable Memory (CAM) table
62
Feature in network port security where the switch automatically learns and associates MAC addresses with specific interfaces
Persistent (Sticky) MAC Learning
63
Standardized framework that is used for port-based authentication for both wired and wireless networks
802.1X Protocol
64
Variant that utilizes simple password and the challenge handshake authentication process to provide remote access authentication
EAP - TLS
65
Variant that utilizes simple passwords and the challenge handshake authentication process to provide remote access authentication
EAP - MD5
66
Variant that requires a digital certificate on the server, but not on the client
EAP - TTLS
67
Variant that uses a protected access credential, instead of a certificate, to establish mutual authentication between devices
EAP - FAST
68
Variant that supports mutual authentication by using server certificates and the MS Active Directory databases to authenticate a password from the client
PEAP
69
Variant of EAP that only works on Cisco-based devices
LEAP
70
Extends a private network over a public one, enabling users to securely send and receive data
VPN
71
Establishes secure tunnels over the public internet for interconnecting remote sites
Site-to-site VPN
72
Connects individual devices directly to the organization's headquarters, enabling remote users to access the network
Client-to-site VPN
73
Maximizes security by encrypting all traffic to the Headquarters while integrating clients with the network
Full Tunnel VPN
74
Divides traffic and network requests and then routes them to the appropriate network
Split Tunnel
75
Secure remote access through browser-based VPN tunnels without needing client software or hardware configuration
Clientless VPN
76
A protocol that provides cryptographic security for secure connections and is used for secure web browsing and data transfer
Transport Layer Security (TLS)
77
A UDP-based version of TLS protocol that offers the same security level as TLS while maintaining faster operations.
Datagram Transport Layer Security (DTLS)
78
A protocol suite for secure communication through authentication and data encryption in IP networks
Internet Protocol Security (IPSec)
79
Employs the original IP header, ideal for client-to-site VPNs dealing with MTU constraints
Transport Mode
80
Employed for site-to-site VPNs and adds an extra header that can increase packet size and exceed the MTU
Tunneling Mode
81
Offers connectionless data integrity and data origin authentication for IP datagrams using cryptographic hash as identification information
Authentication Header (AH)
82
Employed for providing authentication, integrity, replay protection, and data confidentiality by encrypting the packet's payload
Encapsulating Security Payload (ESP)
83
Virtualized approach to managing and optimizing wide area network connections to efficiently route traffic between remote sites, data centers, and cloud environments
SD-WAN
84
Used to consolidate numerous network and security functions into a single cloud-native service to ensure that secure access for end-users can be achieved
SASE
85
Distinct segment within a network, often created by logically isolating the segment using a firewall or other security device
Security Zone
86
Hosts public-facing services such as web servers, email servers, and DNS servers and safeguards against security breaches by preventing attackers from gaining direct access to the sensitive core internal network
Screened Subnet
87
Refers to all the points where an unauthorized user can try to enter to or extract data from an environment
Attack surface of a network
88
A protective measure put in place to reduce potential risks and safeguard an organization's assets
Control
89
Users or systems are granted only the necessary access rights to perform their duties, reducing the attack surface
Key Principle: Least Privilege
90
Emphasizes the use of multiple layers of security to mitigate threats even if one control fails
Key Principle: Defense in Depth
91
Prioritizing controls based on potential risks and vulnerabilities specific to infrastructure to make efficient use of resources
Key Principle: Risk-based Approach
92
Regularly reviewing, updating, and retiring controls to adapt to evolving threat landscapes
Key Principle: Lifecycle Management
93
Ensuring transparency and accountability through rigorous testing and scrutiny of infrastructure and controls
Key Principle: Open Design Principle