CompTIA Security+ (SY0-601): Security Protocols
This section highlights secure communication protocols including S/MIME for encrypted email, and discusses network security risks such as downgrade attacks and vulnerabilities in PPTP. It also introduces inspection techniques like SSL/TLS Break & Inspect that allow secure traffic to be decrypted and analyzed by proxies.
S/MIME
Secure/Multipurpose Internet Mail Extensions:
A standard that provides cryptographic security for electronic messaging
Authentication & Integrity
Non-repudiation
S/MIME can encrypt emails and their contents …including malware
Key Terms
S/MIME
Secure/Multipurpose Internet Mail Extensions:
A standard that provides cryptographic security for electronic messaging
Downgrade Attack
A protocol is tricked into using a lower quality version of itself instead of a higher quality version
SSL/TLS: Break & Inspect
Utilizes a proxy to capture data and inspect it before downloading it
PPTP
Point-to-Point Tunneling Protocol:
A protocol that encapsulates PPP packets and ultimately sends data as encrypted traffic
L2TP
Layer 2 Tunneling Protocol:
A connection between two or more computers or devices that are not on the same private network
IPSec
A TCP/IP protocol that authenticates and encrypts IP packets, effectively securing communications between computers and devices using this proto...
Term | Definition |
---|---|
S/MIME | Secure/Multipurpose Internet Mail Extensions: Authentication & Integrity; Non-repudiation. S/MIME can encrypt emails and their contents …including malware |
Downgrade Attack | A protocol is tricked into using a lower quality version of itself instead of a higher quality version |
SSL/TLS: Break & Inspect | Utilizes a proxy to capture data and inspect it before downloading it |
PPTP | Point-to-Point Tunneling Protocol: PPTP can use CHAP-based authentication, making it vulnerable to attacks |
L2TP | Layer 2 Tunneling Protocol: L2TP is usually paired with IPSec to provide security |
IPSec | A TCP/IP protocol that authenticates and encrypts IP packets, effectively securing communications between computers and devices using this protocol. IPSec provides confidentiality (encryption), integrity (hashing), and authentication (key exchange) |
IKE | Internet Key Exchange: Method used by IPSec to create a secure tunnel by encrypting the connection between authenticated peers |
SA | Security Association: Establishment of secure connections and shared security information using certificates or cryptographic keys |
AH | Authentication Header: Protocol used in IPSec that provides integrity and authentication |
ESP | Encapsulating Security Payload: Provides integrity, confidentiality, and authenticity of packets by encapsulating and encrypting them |
IPSec: Transport Mode | Host-to-host transport mode encrypts only the payload of an IP packet, not its header. Transport mode is used for transmission between hosts on a private network |
IPSec: Tunnel Mode | A network tunnel is created which encrypts the entire IP packet (payload and header). Tunnel mode is commonly used for transmission between networks. Site-to-site VPNs |