Welcome to Cybrary's video series on the CompTIA Security+ 501 certification and exam.
I'm your instructor, Ron Warner.
This video is on section 2.6: Given a scenario, implement secure protocols.
This is the last section for domain two on technologies and tools. In this video, I'll be talking about different security protocols and their use cases. In computer science, a protocol is a set of rules or procedures for transmitting data between electronic devices or computers.
For computers to exchange information, there must be a pre-existing agreement as to how it will be structured and the transmission method.
The Security+ exam requires you to understand common security protocols such as those listed on the screen.
You also need to be familiar with how, where and when these protocols are used. As I walk through the protocols, I'll also talk through some of the use cases.
Many of these are also covered in other sections of Security+.
The first set of protocols I'll be discussing are those dealing with web security, encryption, authentication and certificates.
SSL, Secure Sockets Layer: the latest version is 3.0, although it's now been deprecated by the IETF and should not be used.
It uses certificates for authentication and encryption for message integrity and confidentiality.
SSL and Transport Layer Security, TLS, are the standard security technologies for establishing an encrypted link between a server and the client,
usually a web server or website and a browser.
TLS, Transport Layer Security, is based on SSL 3.0.
The most current version as of this video is version 1.3, although mostly 1.2 is in use.
Provides privacy through symmetric encryption, message integrity through message authentication codes, and authentication using PKI digital certificates.
Forward secrecy ensures that any future disclosure of encryption keys cannot be used to decrypt any TLS communications recorded in the past, and should be included within your security infrastructure when enabling TLS.
HTTPS uses SSL and TLS to secure the web communication, leveraging X.509 digital certificates and 256-bit encryption keys. Refer to domain six, where I talk about encryption and cryptography.
Some of the use cases associated with SSL/TLS and HTTPS include user credentials which are required in a transaction, such as e-commerce or bank websites, anything accepting credit card payments. Another use case is session cookies in which user credentials are stored.
Cloud-based environment communications
will also use SSL/TLS.
Google now requires TLS for any website utilizing its services.
Next topic is DNSSEC. Domain Name Service, DNS, is like the Internet phone book, where you equate an IP address with a common name like a URL.
DNS does not check for any credentials before accepting an answer.
Attackers can exploit this basic vulnerability, or an attacker can cause DNS poisoning by delegating a false name to the domain server and providing a false address for that server.
See the previous sessions on different attack types for DNS poisoning.
To prevent this from happening, the DNS Security Extensions, DNSSEC, protocol was developed. It protects against such attacks by providing a validation path for records. DNSSEC does not encrypt data. It provides a way to validate the addresses of a site by using a sequence of digital signatures
through the DNS hierarchy.
All individual domain levels are in control of their own signature-generating keys.
Secure shell is another protocol you need to be aware of.
It replaces Telnet for remote communications. Telnet is an original UNIX command which allowed one system to connect to another system, but it did it with all clear-text credentials.
SSH establishes a session between the client and host computers using an authenticated and encrypted connection.
It uses asymmetric public key RSA cryptography for both the connection and authentication, and relies on digital certificates as well to connect to the remote host. It's often used for remote administration of Linux servers. Note that other protocols can also tunnel their services through SSH.
There are some protocols you need to be aware of associated with securing email.
The first is S/MIME. It's the standard for encryption and signing of MIME, or email, data.
Because S/MIME is a client-based protocol, the most common use case for this protocol is securing internal client messages.
The client side is responsible for protecting the message.
The message is protected until the authorized recipient opens it.
Organizations choose S/MIME when they want to secure messages from client to client because it is the most cost-effective way to implement encryption and digital signing of email.
POP3 and IMAPS are mainly used as a method to secure the connection between client machines and their associated servers. It uses SSL to secure emails in transit between a POP or IMAP server and the client.
For example, it's used mostly with external email.
FTP, or File Transfer Protocol, is another old UNIX-based protocol and service.
Challenges: it passes all the credentials in clear text.
We often see FTP servers out on the Internet to upload web server data.
FTPS is an FTP extension that adds SSL/TLS protocols.
Provides mutual authentication of the parties through certificates.
Data confidentiality, or encryption, and integrity are also leveraged through FTPS.
FTPS implicit uses port 990, while FTPS explicit goes over the traditional port 21.
SFTP is different than FTPS. SFTP, secure FTP, uses SSH to transfer files using SSL encapsulation. So FTPS focuses solely on using SSL/TLS, while SFTP
tunnels through SSH.
Today's networks are often used for video and voice transmissions. Voice and video calls are established with Session Initiation Protocol, or SIP, and data is transmitted with Real-time Transfer Protocol, RTP.
Therefore, SRTP is the Secure Real-time Transfer Protocol.
It's an extension to RTP and is intended to provide encryption, message authentication and integrity.
It also provides replay attack protection to the RTP data in both unicast and multicast applications.
If you recall from our studies, LDAP is a directory protocol. It can contain sensitive information about the organization's systems and users.
Attackers may sniff the network to read unencrypted LDAP traffic, or attackers may try to corrupt an LDAP query.
LDAPS, LDAP security, uses SSL/TLS and leverages TCP port 636.
SNMP, Simple Network Management Protocol, is used to manage networks. Each managed device has a software agent reporting configuration settings and alerts (the alerts are also known as traps) to a centralized SNMP management server.
With SNMP versions one and two,
all data was sent in clear text.
SNMP version three also encrypts the data.
SNMPv3 is designed to provide added security to earlier versions of the SNMP protocol. When the network is publicly accessible, it's best to use SNMPv3, which provides more secure access and encryption.
Some use cases include validating that a packet has not been modified in transit,
eliminating plain-text SNMP data on the network,
and securely monitoring interface counters, bandwidth usage, CPU load and traps.
We'll transition to talking about other use cases.
First is network address allocation. This is how you allocate IP addresses, normally within an internal network.
DHCP is Dynamic Host Control Protocol, and it assigns internal IP addresses. A DHCP server dynamically assigns an IP address and other network configuration parameters to each device on the network so they can communicate with other IP networks.
Another method for network address allocation is the use of network subnets.
It's used to segregate multiple hosts and control network traffic.
Splitting one network into two or more and using routers to connect each subnet, or VLANs on switches, means that broadcasts and traffic can be limited to a specific area on the network known as the subnet.
Subnet divisions could be based on business goals and security policy objectives.
For example, perhaps you use contract workers and want to keep them on a separate network from organizational employees.
Organizations with branches often use subnets to keep each branch separate.
Be familiar with the different IPv4 address classes as shown on your screen.
An additional common security challenge is time synchronization across the network.
NTP, Network Time Protocol, is a UDP protocol used to synchronize time, often based on the electronic clock. You'll have a centralized NTP server, which will pull from, say, a service out in Boulder, Colorado, run by NIST, that has the official atomic clock time.
NTP servers should be redundant and secure. You don't want that server corrupted, and then time will be corrupted across your network.
Another use case is subscription services. Often these are those cloud services I've talked about in previous videos.
One is software as a service, SaaS. For example, cloud email, Google Gmail and Microsoft Office 365, where you're purchasing a particular software application and use it across the Internet as a service. You also see subscription services associated with network defenses.
For example, firewall, IDS, IPS.
You can have a centralized service managing all of your firewall capabilities. This could include web and application filtering. Rather than maintaining your own patch capabilities, you can also use a subscription service for patching across your network. And last is antivirus and malware detection.
These were all use cases for subscription services that are quite common within the business world.
In this video, I discussed numerous security protocols and use cases.
Refer to the protocol list on your screen. The use cases are all common within businesses.
Let's practice on a sample test question.
Question: With this protocol, each managed device has a software agent reporting configuration settings and alerts, or traps, to a centralized management server.
The answer is A, SNMP, Simple Network Management Protocol.
This is a client-based protocol used for securing email. The most common use case for this protocol is securing internal client messages.
The answer is B, S/MIME. S/MIME is for internal, while IMAPS is external. The others don't have anything to do with email.
This concludes the video for section 2.6. Given a scenario, implement secure protocols.
Refer to your study material for more information on these concepts.