1.0 Network Security

1.4 Implement and use common protocols

  • IPsec

    IPsec is a protocol suite that provides an authentication and encapsulation standard used to establish and secure communications between servers and clients to prevent attacks from external sources. While most security systems function within the application layer of the OSI model, IPsec is implemented at the network layer.

  • SNMP

    Simple Network Management Protocol (SNMP) is an "Internet-standard protocol for managing devices on IP networks. Devices that typically support SNMP include routers, switches, servers, workstations, printers, modem racks, and more." It is used mostly in network management systems to monitor network-attached devices for conditions that warrant administrative attention.

  • SSH

    Secure Shell (SSH) is a cryptographic remote login protocol for secure data communication over an unsecured network. Designed as a replacement for telnet and rlogin, which send information in plaintext, SSH client and server programs provide strong host-to-host and user authentication as well as a number of securely encrypted methods of communication to provide confidentiality and integrity of data. SSH supports data stream compression between the client and the server.

    There are two major versions of the SSH protocol in widespread use, SSH v1 and SSH v2. SSH v2 is more secure and includes SFTP, which is similar to FTP but is encrypted by SSH v2.

  • DNS

    The Domain Name System (DNS) is a hierarchical naming system for computers, services, or any resource connected to the Internet or a private network. Internet and TCP utilities such as telnet, FTP, and SMTP use DNS to translate computer host and domain names to their corresponding IP addresses. DNS allows you to type recognizable names into your Web browser and your computer will automatically find that address on the Internet. Address information is stored in several locations in a hierarchical structure.

  • TLS

    Transport Layer Security (TLS) is a cryptographic protocol that provides communication security over the Internet. TLS encrypts the segments of network connections above the Transport Layer, using asymmetric cryptography for key exchange, symmetric encryption for privacy, and message authentication codes for message integrity.

  • SSL

    The Secure Sockets Layer (SSL) protocol is a security protocol that provides communications privacy and reliability between two communicating applications over the Internet. The protocol allows client/server applications to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery. SSL is a widely implemented protocol that provided the basis for Transport Layer Security (TLS).

  • TCP/IP

    The TCP/IP suite is a collection of internet protocols developed by the Department of Defense. Designed to permit communication among a variety of independent, multivendor systems, it supports a wide variety of protocols and services, including TCP, IP, UDP, ARP, and others, on many different types of media. TCP/IP is routable across more than one local area network (LAN). Named for its two primary protocols, Transmission Control Protocol (TCP) and Internet Protocol (IP), TCP/IP provides end-to-end connectivity, specifying how data should be formatted, addressed, transmitted, routed and received at the destination.

  • FTPS

    FTPS is an extension to the commonly used File Transfer Protocol (FTP) that adds support for the Transport Layer Security (TLS) and the Secure Sockets Layer (SSL) cryptographic protocols.


  • HTTPS

    Hypertext Transfer Protocol Secure (HTTPS) is a combination of Hypertext Transfer Protocol (HTTP) with SSL/TLS protocol. It provides encrypted communication and secure identification of a network web server. HTTPS connections are often used for payment transactions on the World Wide Web and for sensitive transactions in corporate information systems. HTTPS uses port 443 by default.

  • SFTP

    The SSH File Transfer Protocol provides secure file transfer functionality over any reliable, bidirectional octet stream. It is the standard file transfer protocol for use with the SSH2 protocol.

  • SCP

    Secure copy or SCP is a means of securely transferring computer files between a local host and a remote host or between two remote hosts. It is based on the Secure Shell (SSH) protocol.

  • ICMP

    The Internet Control Message Protocol (ICMP) is one of the core protocols of the Internet Protocol Suite. It is chiefly used by the operating systems of networked computers to send error messages indicating, for example, that a requested service is not available or that a host or router could not be reached. ICMP can also be used to relay query messages.

  • IPv4 vs. IPv6

    IPv4 has been superseded by the more recent IPv6 specification.

    IP version 6 (IPv6) is a new version of the Internet Protocol, designed as the successor to IP version 4 (IPv4). The changes from IPv4 to IPv6 include an increase in the IP address size from 32 bits to 128 bits, providing a greater number of available addresses, and additional support for authentication and data integrity.
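
For the ICMP entry above, an added example (not part of the original study notes): a Python parser that reads the ICMP header, verifies its checksum, and separates error reports (host or port unreachable) from query messages (echo). The type and code tables follow RFC 792; the messages are constructed samples and all function names are illustrative.

```python
import struct

# ICMPv4 types from RFC 792: error reports vs. query messages.
ERROR_TYPES = {3: "destination unreachable", 5: "redirect",
               11: "time exceeded", 12: "parameter problem"}
QUERY_TYPES = {0: "echo reply", 8: "echo request",
               13: "timestamp request", 14: "timestamp reply"}
# Selected codes for type 3 (destination unreachable).
UNREACH_CODES = {0: "network unreachable", 1: "host unreachable",
                 2: "protocol unreachable", 3: "port unreachable"}


def inet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement sum over 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_icmp(icmp_type: int, code: int, rest: bytes = b"\x00" * 4, payload: bytes = b"") -> bytes:
    """Construct a sample ICMP message (illustrative helper) with a valid checksum."""
    body = rest + payload
    csum = inet_checksum(struct.pack("!BBH", icmp_type, code, 0) + body)
    return struct.pack("!BBH", icmp_type, code, csum) + body


def classify_icmp(message: bytes) -> dict:
    """Parse the 8-byte ICMP header and classify the message."""
    if len(message) < 8:
        raise ValueError("truncated ICMP message")
    icmp_type, code, _ = struct.unpack("!BBH", message[:4])
    # A message carrying a correct checksum field sums to zero.
    valid = inet_checksum(message) == 0
    if icmp_type in ERROR_TYPES:
        kind, name = "error", ERROR_TYPES[icmp_type]
        if icmp_type == 3:
            name += ": " + UNREACH_CODES.get(code, f"code {code}")
    elif icmp_type in QUERY_TYPES:
        kind, name = "query", QUERY_TYPES[icmp_type]
    else:
        kind, name = "unknown", f"type {icmp_type}"
    return {"kind": kind, "name": name, "checksum_ok": valid}

if __name__ == "__main__":
    for msg in (build_icmp(3, 3), build_icmp(3, 1), build_icmp(8, 0, payload=b"ping")):
        print(classify_icmp(msg))
```

A message that fails the checksum is still classified, so a monitoring tool can log the malformed packet instead of silently dropping it.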