Q&A Pairs for Network Security - Module 4
Module 4: Network Security - Authentication
Applications
Q1. What is Kerberos?
Kerberos is a network authentication protocol that uses secret-key cryp-
tography to authenticate client-server applications.
Q2. What are the main components of Kerberos?
Client, Authentication Server (AS), Ticket Granting Server (TGS), and
Service Server (SS).
Q3. What is a Ticket Granting Ticket (TGT)?
A TGT is issued by the AS to the client for requesting service tickets from
the TGS.
Q4. What is X.509?
X.509 is a standard for public key certificates used in authentication.
Q5. What is included in an X.509 certificate?
Version, serial number, algorithm ID, issuer, validity, subject, subject pub-
lic key info, and signature.
Q6. What is Pretty Good Privacy (PGP)?
PGP is an encryption program that provides cryptographic privacy and
authentication for data communication.
Q7. What services does PGP provide?
Confidentiality, authentication, compression, email compatibility, and seg-
mentation.
Q8. What is the IP Security (IPSec) protocol?
A suite of protocols for securing IP communications by authenticating and
encrypting each IP packet.
Q9. What are the components of IPSec?
Authentication Header (AH), Encapsulating Security Payload (ESP), and
Internet Key Exchange (IKE).
1
�Q10. What does the Authentication Header (AH) do?
It provides data integrity, data origin authentication, and protection against
replay attacks.
Q11. What does the Encapsulating Security Payload (ESP) provide?
Confidentiality, data origin authentication, connectionless integrity, and
anti-replay protection.
Q12. What is the role of IKE in IPSec?
IKE negotiates and manages the security associations (SAs) and crypto-
graphic keys.
Q13. What is an Authentication Header format?
It includes next header, payload length, SPI, sequence number, and au-
thentication data.
Q14. What is SSL?
SSL (Secure Sockets Layer) is a standard security protocol for establishing
encrypted links between a web server and a browser.
Q15. What replaced SSL?
Transport Layer Security (TLS) is the successor to SSL and provides
stronger encryption.
Q16. What are SSL handshake steps?
ClientHello, ServerHello, certificate exchange, key exchange, and secure
session initiation.
Q17. What is TLS?
TLS is a cryptographic protocol that ensures privacy between communi-
cating applications and users on the internet.
Q18. What are the components of TLS?
Record protocol, handshake protocol, change cipher spec protocol, and
alert protocol.
Q19. What is Secure Electronic Transaction (SET)?
A standard protocol for securing credit card transactions over insecure
networks.
Q20. What are the services provided by SET?
Confidentiality of payment information, integrity of data, and authentica-
tion of both cardholder and merchant.
Q21. What is the role of digital certificates in SSL/TLS?
They verify the identity of the server and sometimes the client using public
key infrastructure.
Q22. What is encapsulation security payload?
It is a part of IPSec used to provide confidentiality, integrity, and authen-
tication of the data.
2
�Q23. What is the role of a Security Association (SA) in IPSec?
SA defines the parameters for secure communication such as algorithms
and keys.
Q24. What is secure email communication?
The use of encryption and digital signatures to protect email messages
from unauthorized access and tampering.
Q25. What is IPsec tunnel mode?
A mode where the entire IP packet is encrypted and encapsulated into a
new IP packet.
Q26. What is IPsec transport mode?
A mode where only the payload of the IP packet is encrypted, leaving the
header intact.
Q27. How does SSL use certificates?
To authenticate the identity of the server and establish an encrypted con-
nection using a public key.
Q28. What is the importance of session keys in SSL/TLS?
They are used to encrypt the data exchanged during the session for con-
fidentiality.
Q29. What are the advantages of IPsec?
It provides strong security at the network layer, is transparent to applica-
tions, and is scalable.
Q30. What are the main threats addressed by web security protocols?
Eavesdropping, tampering, impersonation, and session hijacking.