Security+ pt 4

All right, first post of the year. Here’s to having goals, making them realistic and following up with them. You know, thinking about naming conventions, is this really the best idea? I mean it’s the first thing people see. Anyway, I had hoped to finish this cert last year. I started on it but clearly did not get anywhere close to finishing it, but I did get the Network+ so I mean it’s close. I also underestimated this one. Just to be honest, I didn’t think it would be the tremendous amount of work that it absolutely is. And should be. However, I was not expecting to see 700 questions haha. Initially I was supplied with a fairly small book and a slide deck. I was pretty sure that wasn’t going to cut it. Glad I didn’t try, but to be honest I studied that stuff and learned from it so it was not a waste of time.

 photo steganography_zpslxyidbk6.png

I know we covered this at least once before and I mentioned ‘did we talk about this already’ but here we are. Is this James Bond lol? Honestly, I’m not sure what they are talking about, for the reason, of transferring hidden data. Anyway, Steganography.

 photo peap again_zpszgr3qx15.png

This is the stuff that will kill me on the test. I don’t think there is any way around getting a string of these looped together wrong given the margin for definitional argument. Given that, I’ll try.

  • EAP-TLS – EAP is an authentication framework, not a specific authentication mechanism.[1] It provides some common functions and negotiation of authentication methods called EAP methods. There are currently about 40 different methods defined. Methods defined in IETF RFCs include EAP-MD5, EAP-POTP, EAP-GTC, EAP-TLS, EAP-IKEv2, EAP-SIM, EAP-AKA, and EAP-AKA’. Additionally, a number of vendor-specific methods and new proposals exist. Commonly used modern methods capable of operating in wireless networks include EAP-TLS, EAP-SIM, EAP-AKA, LEAP and EAP-TTLS. Requirements for EAP methods used in wireless LAN authentication are described in RFC 4017. The list of type and packet codes used in EAP is available from the IANA EAP Registry. It also uses certificates.
  • WPS – WPS stands for Wi-Fi Protected Setup. It is a wireless network security standard that tries to make connections between a router and wireless devices faster and easier. WPS works only for wireless networks that use a password that is encrypted with the WPA Personal or WPA2 Personal security protocols.
  • PSK – In cryptography, a pre-shared key (PSK) is a shared secret which was previously shared between the two parties using some secure channel before it needs to be used.
  • PEAP – PEAP is similar in design to EAP-TTLS, requiring only a server-side PKI certificate to create a secure TLS tunnel to protect user authentication, and uses server-side public key certificates to authenticate the server. It then creates an encrypted TLS tunnel between the client and the authentication server. In most configurations, the keys for this encryption are transported using the server’s public key. The ensuing exchange of authentication information inside the tunnel to authenticate the client is then encrypted and user credentials are safe from eavesdropping.

Yeah, I was close but PEAP doesn’t use a certificate.

 photo diffie-Hellman_zpsmxzn7j9i.png

I’m going to be real honest, I got this right but I’m not really sure why haha.

  • RIPEMD – RIPEMD (RIPE Message Digest) is a family of cryptographic hash functions developed in 1992 (the original RIPEMD) and 1996 (other variants). There are five functions in the family: RIPEMD, RIPEMD-128, RIPEMD-160, RIPEMD-256, and RIPEMD-320, of which RIPEMD-160 is the most common.
  • ECDHE – ECDHE stands for Elliptic Curve Diffie-Hellman Ephemeral. We recall that the purpose of Diffie-Hellman is to exchange a secret over an insecure channel; both sides build their own secret key from a value they received from the other participant: this is key exchange.
  • Diffie-Hellman – A method of securely exchanging cryptographic keys over a public channel; it was one of the first public-key protocols, as originally conceptualized by Ralph Merkle and named after Whitfield Diffie and Martin Hellman.[1][2] DH is one of the earliest practical examples of public key exchange implemented within the field of cryptography.
  • HTTPS – HyperText Transfer Protocol Secure (HTTPS) is an extension of the Hypertext Transfer Protocol (HTTP). It is used for secure communication over a computer network, and is widely used on the Internet.
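
The key exchange described in the ECDHE and Diffie-Hellman entries above, as an added example that is not part of the original post. It uses classic finite-field Diffie-Hellman rather than elliptic curves, and the parameters (p = 23, g = 5) and private values are constructed toy numbers, far too small for real use.

```c
#include <stdint.h>

/* Constructed toy parameters (insecure size): public prime modulus P and
 * generator G, known to both sides and to any eavesdropper. */
#define DH_P 23u
#define DH_G 5u

/* Square-and-multiply modular exponentiation: base^exp mod m. */
uint64_t mod_pow(uint64_t base, uint64_t exp, uint64_t m)
{
    uint64_t result = 1 % m;
    base %= m;
    while (exp > 0) {
        if (exp & 1)
            result = (result * base) % m;
        base = (base * base) % m;
        exp >>= 1;
    }
    return result;
}

/* Public value sent over the open channel: G^private mod P. */
uint64_t dh_public(uint64_t private_key)
{
    return mod_pow(DH_G, private_key, DH_P);
}

/* Shared secret: (peer's public value)^(own private key) mod P. */
uint64_t dh_shared(uint64_t peer_public, uint64_t private_key)
{
    return mod_pow(peer_public, private_key, DH_P);
}

/* Runs one exchange and returns the secret if both sides derive the same
 * value, or -1 if they do not. The private values never leave their
 * owners; only the two public values cross the channel. */
int64_t dh_session(uint64_t a_priv, uint64_t b_priv)
{
    uint64_t a_pub = dh_public(a_priv);            /* side A -> side B */
    uint64_t b_pub = dh_public(b_priv);            /* side B -> side A */
    uint64_t a_secret = dh_shared(b_pub, a_priv);  /* computed by A */
    uint64_t b_secret = dh_shared(a_pub, b_priv);  /* computed by B */
    return a_secret == b_secret ? (int64_t)a_secret : -1;
}
```

Calling `dh_session` twice with different private values models the "ephemeral" part of ECDHE: each session uses fresh private values, so each session ends up with its own secret.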

I guess we should look up that IKE phase thing too. In computing, Internet Key Exchange (IKE, sometimes IKEv1 or IKEv2, depending on version) is the protocol used to set up a security association (SA) in the IPsec protocol suite. IKE builds upon the Oakley protocol and ISAKMP.[1] IKE uses X.509 certificates for authentication, either pre-shared or distributed using DNS (preferably with DNSSEC), and a Diffie–Hellman key exchange to set up a shared session secret from which cryptographic keys are derived.[2][3] In addition, a security policy for every peer which will connect must be manually maintained.[2] lol, well there we have it in plain text that it clearly uses that and only that.

 photo missing null check_zpsjghqnybd.png

Honestly, this is a good one as I don’t know what these are. The answer is correct but I’m not a coder by any stretch and at some point feel like I should learn a little bit. Is now the right time to learn this? Unclear

  • Page exception – An exception is normally an object that is thrown at runtime. Exception handling is the process of handling runtime errors. An exception can occur at any time in a web application, so handling exceptions is the safer approach for the web developer.
  • Pointer dereference – The dereference operator or indirection operator, sometimes denoted by “*”, is a unary operator found in C-like languages that include pointer variables. It operates on a pointer variable, and returns an l-value equivalent to the value at the pointer address. This is called “dereferencing” the pointer.
  • NullPointerException – In Java, a special null value can be assigned to an object reference. NullPointerException is thrown when an application attempts to use an object reference that has the null value.
  • Missing null check – The program can dereference a null-pointer because it does not check the return value of a function that might return null.
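
A missing null check next to its corrected form, as an added example that is not part of the original post. The user table and the names `find_user`, `uid_unchecked` and `uid_checked` are hypothetical, constructed for illustration.

```c
#include <stddef.h>
#include <string.h>

/* Constructed sample data: a tiny user table. */
struct user { const char *name; int uid; };

static const struct user USERS[] = {
    { "alice", 1001 },
    { "bob",   1002 },
};

/* Returns a pointer to the matching record, or NULL when the name is
 * unknown. This is the "function that might return null". */
const struct user *find_user(const char *name)
{
    if (name == NULL)
        return NULL;
    for (size_t i = 0; i < sizeof USERS / sizeof USERS[0]; i++)
        if (strcmp(USERS[i].name, name) == 0)
            return &USERS[i];
    return NULL;
}

/* Missing null check: the return value is dereferenced unconditionally,
 * so an unknown name dereferences NULL (undefined behaviour in C,
 * usually a crash). Kept here only for contrast with uid_checked(). */
int uid_unchecked(const char *name)
{
    const struct user *u = find_user(name);
    return u->uid;
}

/* Corrected form: test the return value before dereferencing and report
 * the failure to the caller. Returns 0 on success, -1 otherwise, and
 * leaves *uid_out untouched on failure. */
int uid_checked(const char *name, int *uid_out)
{
    const struct user *u = find_user(name);
    if (u == NULL || uid_out == NULL)
        return -1;
    *uid_out = u->uid;
    return 0;
}
```

In Java the same mistake surfaces as a NullPointerException rather than a crash, and the fix is the same: test the returned reference before using it.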

 photo smart card kerberos_zpshbos7nac.png

The real kicker here is what I think they are calling ‘mutual authentication’, which in the case of Kerberos would occur with the ticket creation process. I don’t think you can use a smart card with CHAP or LDAP as they are both a little older and basic.

All right, I think that’s all for tonight, folks. Tomorrow I’m off, but being that I’ll be up all night I’m sure I’ll be going through test prep questions. Hopefully I can get 150 done over ‘the weekend’, which would put me at 250/700 for the first go around. Wow, this thing is an absolute bugger.
