1. Key Distribution Center (KDC)
1. A KDC is a trusted server used in network authentication systems, especially Kerberos.
2. It issues short-lived symmetric session keys to users and services, so two parties that have never met can communicate securely.
3. The KDC is made up of two parts: the Authentication Server (AS), which verifies the user and issues a Ticket Granting Ticket (TGT), and the Ticket Granting Server (TGS), which issues service tickets.
4. Every principal shares a long-term key only with the KDC, so users and services never have to exchange keys directly.
2. Digital Signature Standard (DSS)
1. DSS is the U.S. government standard for digital signatures defined by NIST in FIPS 186.
2. It originally specified the Digital Signature Algorithm (DSA); later revisions added RSA and ECDSA, and FIPS 186-5 drops DSA for generating new signatures.
3. It provides authentication, data integrity, and non-repudiation.
4. A valid signature lets the receiver detect any tampering with the document or message after it was signed.
3. Birthday Attack
1. A birthday attack is a generic attack on hash functions that searches for a collision: two different inputs with the same hash.
2. It exploits the fact that for an n-bit hash a collision is expected after only about 2^(n/2) trials, not the 2^n needed to hit one specific digest.
3. The attack is named after the birthday paradox, which shows that collisions become likely far sooner than intuition suggests (23 people give a 50% chance of a shared birthday).
4. It threatens digital signatures and message authentication: an attacker can prepare many harmless-looking variants of a benign document and of a fraudulent one, find a colliding pair, get the benign one signed, and present the fraudulent one with that signature. This is why a hash needs at least a 256-bit output today.
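The following Python is an added example (not part of the original notes) that measures the birthday bound and carries out the signature-swap attack described above against SHA-256 deliberately truncated to 24 bits, which stands in for a weak hash so the search finishes instantly; the document texts, the tab/space variant encoding, and the 24-bit size are constructed assumptions for the demonstration.

```python
"""Birthday attack against a deliberately truncated hash (added example)."""
import hashlib
import math


def truncated_hash(data: bytes, bits: int) -> int:
    """SHA-256 truncated to its `bits` leading bits.

    Truncation models a weak/short hash so the search below runs in milliseconds;
    the same arithmetic applies to any n-bit hash with about 2**(n/2) work.
    """
    digest = hashlib.sha256(data).digest()
    return int.from_bytes(digest, "big") >> (256 - bits)


def expected_trials(bits: int) -> float:
    """Mean number of random inputs before the first collision: sqrt(pi/2 * 2**n)."""
    return math.sqrt(math.pi / 2 * (1 << bits))


def birthday_collision(bits: int, label: str = "m"):
    """Hash distinct inputs until two share a truncated digest.

    Returns (input_a, input_b, trials). Hitting one fixed target digest would take
    about 2**bits trials; the birthday search needs only about 2**(bits/2).
    """
    seen = {}
    trials = 0
    while True:
        trials += 1
        msg = f"{label}-{trials}".encode()      # every trial uses a new, distinct input
        h = truncated_hash(msg, bits)
        if h in seen:
            return seen[h], msg, trials
        seen[h] = msg


def variant(text: str, index: int, width: int = 24) -> bytes:
    """The `index`-th semantically identical variant of `text`.

    Constructed stand-in for invisible document edits: the index is encoded as a
    pattern of trailing spaces and tabs, which a reader would never notice.
    """
    tail = "".join(" " if (index >> b) & 1 else "\t" for b in range(width))
    return (text + tail).encode()


def signature_swap_attack(bits: int, benign: str, fraudulent: str):
    """Classic birthday attack on a signature over a weak hash.

    Precompute a table of benign variants, then search fraudulent variants until a
    truncated hash matches. A signature obtained on the benign variant then verifies
    on the fraudulent one. Returns (benign_variant, fraudulent_variant, trials).
    """
    table = {}
    for i in range(1 << (bits // 2 + 1)):        # about 2 * 2**(n/2) benign variants
        doc = variant(benign, i)
        table[truncated_hash(doc, bits)] = doc
    trials = 0
    while True:
        trials += 1
        bad = variant(fraudulent, trials)
        h = truncated_hash(bad, bits)
        if h in table:
            return table[h], bad, trials


if __name__ == "__main__":
    bits = 24
    a, b, n = birthday_collision(bits)
    print(f"{bits}-bit collision after {n} trials "
          f"(expected ~{expected_trials(bits):.0f}, brute force ~{1 << bits})")
    good, bad, n = signature_swap_attack(bits, "Pay Alice $100", "Pay Mallory $1000000")
    print(f"signature swap found after {n} fraudulent variants; "
          f"hashes equal: {truncated_hash(good, bits) == truncated_hash(bad, bits)}")
```

Raising `bits` by two quadruples brute-force work but only doubles the birthday search, which is the whole point: a 128-bit hash such as MD5 offers at most 64 bits of collision resistance even before its structural weaknesses are considered.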
4. EAP over LAN (EAPoL)
1. EAPoL is part of the IEEE 802.1X standard for network access control.
2. It is used to carry EAP (Extensible Authentication Protocol) messages over Ethernet or Wi-Fi between the supplicant (client) and the authenticator (switch or access point), which relays them to an authentication server.
3. EAPoL authenticates a device before its port or association is allowed to pass normal traffic.
4. It plays a key role in Wi-Fi security: WPA/WPA2-Enterprise uses it for 802.1X/EAP authentication, and EAPOL-Key frames carry the 4-way handshake that derives session keys in both Personal and Enterprise modes.
5. Purpose of HTTPS
1. HTTPS is the secure version of HTTP that encrypts data in transit.
2. It uses TLS (historically SSL) to protect sensitive information (e.g., passwords, credit cards, session cookies).
3. It provides confidentiality, integrity, and server authentication via the server's X.509 certificate.
4. It prevents eavesdropping and man-in-the-middle tampering on the path between browser and server; it does not protect data once it reaches the server.
6. Main Elements of X.509 Certificate
1. Contains the Version, Serial Number (unique per issuer), and the Signature Algorithm identifier.
2. Has details about the Issuer (the CA) and the Subject (the owner of the certificate), as Distinguished Names.
3. Includes the Validity Period (Not Before / Not After) and the Subject Public Key Info (algorithm plus public key).
4. Version 3 adds Extensions (e.g., Subject Alternative Name, Key Usage, Basic Constraints); the whole of the above is then covered by the CA's Digital Signature, which verifiers check against the issuer's public key.
7. When X.509 Certificate Can Be Revoked
1. If the private key is compromised or exposed.
2. When the user or organization leaves or changes roles.
3. If the certificate was issued incorrectly or fraudulently.
4. If the Certificate Authority (CA) detects misuse or policy violations. Revocation is published through Certificate Revocation Lists (CRLs) or OCSP so relying parties can check status before trusting the certificate.
8. Difference Between Kerberos v4 & v5
1. Kerberos v4 supports only DES, while v5 negotiates the encryption type and supports modern algorithms such as AES.
2. v5 supports ticket forwarding, proxiable and renewable tickets, and much longer ticket lifetimes than v4's roughly 21-hour maximum.
3. v4 ties tickets to IPv4 addresses only; v5 supports arbitrary network address types, including IPv6, and encodes messages with ASN.1 rather than a fixed byte layout.
4. Cross-realm authentication in v4 requires every pair of realms to share a key; v5 allows transitive (hierarchical) trust paths between realms.
9. ESP Format in IPSec
1. ESP (Encapsulating Security Payload) provides confidentiality and optional integrity and origin authentication.
2. The clear-text header contains the Security Parameters Index (SPI), which selects the Security Association, and a Sequence Number used for anti-replay.
3. Payload Data, Padding, Pad Length, and Next Header are encrypted; padding satisfies cipher block alignment and can hide the true payload length.
4. An optional Integrity Check Value (ICV) at the end covers the ESP header and encrypted fields (with AEAD ciphers such as AES-GCM the ICV is the authentication tag).
10. Example of DoS Attack
1. A SYN Flood is a common DoS attack that sends a stream of TCP SYN packets, often from spoofed source addresses, so the server fills its half-open connection table waiting for ACKs that never arrive.
2. Other examples include ICMP flood, HTTP GET/POST flood, or UDP flood.
3. These attacks aim to exhaust a resource: connection state, bandwidth, CPU, or memory.
4. The goal is to make the service unavailable to legitimate users; SYN cookies and rate limiting are the usual countermeasures against SYN floods.
11. Replay Attack Countermeasures
1. Use timestamps to reject old or delayed messages; this requires reasonably synchronized clocks (Kerberos allows a skew of about 5 minutes).
2. Include nonces (random, single-use values) in the exchange so that each message or session is unique and a captured copy is rejected.
3. Use sequence numbers and keep a receive window of recently seen numbers so duplicates and stale messages are dropped (this is how IPsec ESP anti-replay works).
4. Use session tokens that expire quickly to limit the replay window.
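The following Python is an added example (not from the original notes) that ties items 9 and 11 together: it parses the clear-text ESP header fields (SPI and Sequence Number) and runs the sequence numbers through a sliding-window anti-replay check in the style of RFC 4303. The packets are constructed inline with a dummy body standing in for ciphertext and ICV; the 64-entry window size and the sample sequence of packets are assumptions for the demonstration.

```python
"""ESP header parsing and a sliding-window anti-replay check (added example)."""
import struct

ESP_HEADER = struct.Struct("!II")  # SPI, Sequence Number; network byte order


def parse_esp(packet: bytes):
    """Split an ESP packet into (spi, seq, body).

    Only the two clear-text header fields are interpreted; `body` holds the
    encrypted Payload Data, Padding, Pad Length and Next Header plus the ICV.
    """
    if len(packet) < ESP_HEADER.size:
        raise ValueError("packet shorter than ESP header")
    spi, seq = ESP_HEADER.unpack_from(packet)
    return spi, seq, packet[ESP_HEADER.size:]


class AntiReplayWindow:
    """Sliding window over 32-bit ESP sequence numbers (RFC 4303 section 3.4.3).

    A number to the right of the window is accepted and advances it; a number
    inside the window is accepted once and then marked; anything left of the
    window or already marked is rejected. A receiver runs this after the ICV
    verifies, so an attacker cannot advance the window with forged packets.
    """

    def __init__(self, size: int = 64):
        if size < 32:
            raise ValueError("RFC 4303 requires a window of at least 32")
        self.size = size
        self.top = 0       # highest sequence number accepted so far
        self.bitmap = 0    # bit i set => sequence number (top - i) was received

    def check(self, seq: int) -> bool:
        if seq == 0:
            return False   # 0 is never transmitted on an SA with anti-replay on
        if seq > self.top:
            shift = seq - self.top
            self.bitmap = ((self.bitmap << shift) & ((1 << self.size) - 1)) | 1
            self.top = seq
            return True
        offset = self.top - seq
        if offset >= self.size:
            return False   # too old: fell off the left edge of the window
        mask = 1 << offset
        if self.bitmap & mask:
            return False   # already seen: this is a replay
        self.bitmap |= mask
        return True


def filter_replays(packets, window=None):
    """Run ESP packets through one window; return [(seq, accepted), ...]."""
    window = window or AntiReplayWindow()
    return [(seq, window.check(seq)) for _, seq, _ in map(parse_esp, packets)]


def make_esp(spi: int, seq: int, body: bytes = b"\x00" * 16) -> bytes:
    """Constructed packet: real header layout, dummy body in place of ciphertext+ICV."""
    return ESP_HEADER.pack(spi, seq) + body


if __name__ == "__main__":
    # Constructed stream: in order, one reordering, one replay, a jump, one stale packet.
    stream = [make_esp(0x1000, s) for s in (1, 2, 3, 5, 4, 3, 70, 5)]
    for seq, ok in filter_replays(stream):
        print(f"seq {seq:>3}: {'accepted' if ok else 'REJECTED'}")
```

The reordered packet (4 after 5) is still accepted because it lands inside the window, while the repeated 3 and the stale 5 after the jump to 70 are rejected; that distinction between legitimate reordering and replay is why a window is used instead of a strict "must be greater than last" rule.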
12. Tunneling Mode in IP Security
1. Protects the entire original IP packet, header included, as the payload of a new packet (transport mode, by contrast, protects only the payload and keeps the original header).
2. Adds a new outer IP header addressed to the security gateways, so observers on the path see only gateway-to-gateway traffic and not the inner sender and receiver.
3. Mainly used in site-to-site VPNs between gateways and in remote-access VPNs between a host and a gateway.
4. Provides confidentiality and integrity for traffic between networks without the internal hosts needing IPsec themselves.
13. Network Access Control (NAC)
1. NAC enforces security policies before allowing a device on a network.
2. Checks posture: whether the system has up-to-date antivirus, required patches, and an approved configuration.
3. Often uses 802.1X authentication combined with posture checks, and places non-compliant devices in a quarantine or remediation VLAN.
4. Helps prevent unauthorized access and limits the spread of threats from compromised or unmanaged devices.
14. Difference Between AH and ESP
1. AH (Authentication Header) provides integrity and origin authentication but no encryption.
2. ESP (Encapsulating Security Payload) provides encryption and optional integrity and authentication.
3. AH's integrity check also covers the immutable fields of the IP header, whereas ESP's covers only the ESP header and its encrypted payload; because AH covers the IP addresses it breaks under NAT, while ESP works with NAT traversal.
4. ESP is used when confidentiality is needed (and, with its integrity option, covers almost all AH use cases); AH is used only where authentication of the IP header itself is required.
15. HTTP vs HTTPS
1. HTTP is unencrypted plaintext; HTTPS is HTTP carried over TLS (originally SSL).
2. HTTPS ensures data confidentiality, integrity, and server authentication (client authentication via certificates is possible but rare).
3. HTTPS runs on port 443; HTTP runs on port 80.
4. HTTPS is essential for secure transactions like banking or logins.
16. TLS vs SSL
1. TLS is the successor to SSL, standardized by the IETF starting with TLS 1.0 (RFC 2246) in 1999.
2. SSL 2.0 and 3.0 are prohibited (RFC 6176, RFC 7568), and TLS 1.0 and 1.1 are deprecated as well (RFC 8996); SSL 3.0 is vulnerable to the POODLE padding-oracle attack.
3. TLS provides stronger key exchange (ephemeral Diffie-Hellman for forward secrecy), HMAC-based or AEAD record protection, and a cryptographically stronger handshake than SSL.
4. Secure deployments today use TLS 1.2 or TLS 1.3; TLS 1.3 removes legacy ciphers, static RSA key exchange, and renegotiation, and completes the handshake in one round trip.
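The following Python is an added example (not from the original notes) showing the deprecated-protocol point as configuration: a legacy-style client context that accepts any SSL/TLS version and skips certificate checks beside a hardened one, and a small audit that flags the weak settings. It uses only the standard-library `ssl` module; the function names and the set of checks are this example's own.

```python
"""Weak versus hardened TLS client configuration, with an audit (added example)."""
import ssl


def legacy_client_context() -> ssl.SSLContext:
    """The kind of context found in old code: any protocol version, no verification.

    This is the 'before' configuration and must not be used in production.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False          # must be disabled before verify_mode can be CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE     # accepts any certificate, so MITM goes unnoticed
    ctx.minimum_version = ssl.TLSVersion.MINIMUM_SUPPORTED  # lets the peer pick SSL 3.0 / TLS 1.0
    return ctx


def hardened_client_context() -> ssl.SSLContext:
    """Context that refuses everything below TLS 1.2 and verifies the server.

    create_default_context() already sets CERT_REQUIRED and check_hostname and
    loads the system trust store; the explicit floor documents the policy.
    """
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def audit_context(ctx: ssl.SSLContext):
    """Return a list of findings; an empty list means the context meets the policy."""
    findings = []
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("allows TLS older than 1.2")
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("no certificate verification")
    if not ctx.check_hostname:
        findings.append("no hostname check")
    return findings


if __name__ == "__main__":
    for name, ctx in (("legacy", legacy_client_context()),
                      ("hardened", hardened_client_context())):
        problems = audit_context(ctx)
        print(f"{name}: {'OK' if not problems else ', '.join(problems)}")
```

The audit runs entirely offline, so it can be dropped into a unit test that guards every `SSLContext` an application builds; a context that only raises `minimum_version` but leaves `verify_mode` at `CERT_NONE` still fails, which is the mistake that most often survives a "we upgraded to TLS 1.2" change.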
17. Kerberos Realm
1. A Kerberos realm is an administrative domain served by a single KDC (or a set of replicated KDCs sharing one database); realm names are conventionally upper-case, e.g. EXAMPLE.COM.
2. Represents a logical group of principals (users and services) and the policies that apply to them.
3. All authentication within the realm is handled by the realm's KDC.
4. Realms can be linked by shared inter-realm keys to allow cross-realm authentication; in Active Directory each domain is a Kerberos realm.
18. SSL Record Protocol Services
1. Confidentiality: each record is encrypted with the symmetric key negotiated in the handshake.
2. Integrity: each record carries a Message Authentication Code (MAC) computed before encryption (TLS 1.3 instead uses AEAD ciphers that combine both).
3. Fragmentation of application data into records of at most 2^14 bytes, optional compression (now disabled because of the CRIME attack), and reassembly at the receiver.
4. Transparent transport for upper-layer protocols such as HTTP, SMTP, and FTP, and for the handshake and alert protocols themselves.
19. MD5 vs SHA
1. MD5 produces a 128-bit hash; SHA-1 produces 160 bits; SHA-256 (SHA-2 family) produces 256 bits and SHA-3 offers the same output sizes with a different construction.
2. MD5 is faster but practical collisions have been known since 2004 (used in the Flame malware's forged certificate); SHA-1 collisions were demonstrated in 2017 (SHAttered).
3. Neither MD5 nor SHA-1 is collision-resistant any more; SHA-2 and SHA-3 have no known practical attacks.
4. SHA-256 or stronger is required for digital signatures and certificates; CAs and browsers stopped accepting SHA-1 certificates in 2017. MD5 and SHA-1 remain acceptable only where collision resistance is not needed, such as HMAC.
20. 802.1X Network Access Control (NAC)
1. Provides port-based access control using authentication.
2. Uses EAP to authenticate users/devices before the port passes anything other than EAPoL traffic; the three roles are supplicant (client), authenticator (switch or access point), and authentication server.
3. Commonly used in enterprise wired and wireless networks; typical EAP methods are EAP-TLS (certificates) and PEAP/EAP-TTLS (password inside a TLS tunnel).
4. The authenticator relays EAP to a RADIUS server that validates credentials and can return the VLAN or ACL to apply to the port.
21. SSL Connection vs SSL Session
1. An SSL connection is a temporary link for secure data exchange.
2. An SSL session is the set of shared parameters (session identifier, cipher suite, master secret, peer certificate) established by a full handshake.
3. Multiple connections can reuse the same session through an abbreviated handshake, avoiding the cost of public-key operations each time.
4. Sessions improve efficiency; connections carry the actual records, each with its own keys and MAC secrets derived from the session's master secret (TLS 1.3 replaces session IDs with pre-shared-key tickets).