Test Tips

 < Day Day Up > 



Here are your Test Tips for the communications security chapter. It is important to remember that some of these tips are not necessarily covered in the chapter but know them well. There is a good possibility that these tips will help you in a pinch on the real exam. Also, the tips at the end of each chapter are prepared with a special focus towards the CompTIA Security+ exam. Keep in mind, these tips will prove very useful as study for any security related exam available in the technical arena.

  • Hypertext Transport Protocol Secure (HTTPS) is a very popular secure protocol used to transmit messages over the Internet.

  • Always configure your e-mail server to block or remove e-mail that contains file attachments that are commonly used to spread viruses such as .vbs, .bat, .exe, .pif, and .scr files. If you must use any of these extensions, make it a point to have your e-mail antivirus program scan these attachments before delivery.

  • Instant messaging vulnerabilities have become a popular target for modern day hackers.

  • A UNC name always follows the format \\Servername\sharename.

  • A cookie can also be referred to as a state object or persistent cookie.

  • You can set up your Internet browser to alert you when a cookie is present; you can direct your browser to only download cookies from only trusted sites; or you can disable cookies altogether.

  • JavaScript is used commonly by Web developers to interact with Web pages that are typically created using HTML or XML source codes.

  • Hijackers and attackers often create or intercept Java scripts and applets, which are oftentimes able to circumvent network security perimeters and use them to manipulate files on users’ computers.

  • A popular technique known as sandboxing is often used to quarantine applets that appear suspicious or malicious.

  • The ActiveX security model does not limit an application package to a set of individual restrictive controls. Instead, its controls are based on digital signatures.

  • S/MIME (Secure Multi-Purpose Internet Mail Extensions) is a method/ protocol used to secure the sending of messages between various e-mail clients.

  • SSL and TLS are session-based X.509 digital certificate supporting protocols that use a public and private key exchange to encrypt the passing of data between client and server systems. Both protocols support RSA, DES, IDEA, 3DES, and MD5.

  • You send with mail SMTP. You download or receive mail with POP3 or IMAP. SMTP is most often used with TCP port 25.

  • FTP sessions by default are not encrypted. Usernames and passwords are transmitted in clear text. FTP user IDs and passwords can be grabbed easily with a sniffer.

  • Known vulnerabilities exist with certain versions of LDAP that have led to buffer overflow attacks, unauthorized access conditions, and Denial of Service.



 < Day Day Up > 



The Security+ Exam Guide (TestTaker's Guide Series)
Security + Exam Guide (Charles River Media Networking/Security)
ISBN: 1584502517
EAN: 2147483647
Year: 2003
Pages: 136

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net