NOEL ANDREW LOPEZ

20161143313

1. Secure Protocols

Voice/Video: Secure Real-time Transport Protocol (SRTP) is commonly used for encrypting voice and
video streams. It provides confidentiality, integrity, and authentication to ensure that communication
remains private and tamper-proof.

Time Synchronization: Network Time Protocol (NTP) and Precision Time Protocol (PTP) are commonly
used protocols for time synchronization. NTP is more commonly used for general synchronization, while
PTP is used in more precise applications, such as industrial systems.

Email: Transport Layer Security (TLS) is used to secure email communication, providing encryption and
authentication between mail servers and clients. It ensures the confidentiality and integrity of email
exchanges.

Web: HTTPS (HTTP Secure) is the secure version of HTTP, using SSL/TLS protocols to encrypt data
transmitted between web clients and servers, ensuring secure communication and data privacy.

File Transfer: Secure File Transfer Protocol (SFTP) and Secure Copy Protocol (SCP) are secure alternatives
to FTP for transferring files over a network. They provide encryption and authentication.

Directory Services: Lightweight Directory Access Protocol (LDAP) can be secured using SSL/TLS to encrypt
data transmitted during directory service operations, such as user authentication and access control.

Routing and Switching: Virtual Private Network (VPN) protocols, such as IPsec and SSL VPN, can secure
routing and switching by creating encrypted tunnels over untrusted networks, ensuring confidentiality
and integrity of data.

Network Address Allocation: Dynamic Host Configuration Protocol (DHCP) can be secured using DHCP
Snooping and DHCPv6 Guard to prevent rogue DHCP servers from allocating unauthorized IP addresses.

2. Differentiation

HIDS vs HIPS: Host-based Intrusion Detection Systems (HIDS) monitor a single host for suspicious activity,
while Host-based Intrusion Prevention Systems (HIPS) not only detect but also actively respond to and
prevent intrusion attempts.

TPM vs HSM: Trusted Platform Module (TPM) is a hardware-based security component embedded in
computers to secure keys and cryptographic operations. Hardware Security Module (HSM) is a dedicated
hardware device providing secure key storage and cryptographic functions.

Hashing vs Salting: Hashing is the process of converting data into a fixed-size value (hash) using a
mathematical function. Salting is adding a unique value (salt) to the data before hashing to prevent
attacks like rainbow table attacks.

Full-disk encryption vs Self-encrypting drive: Full-disk encryption encrypts the entire disk at the software
level, while self-encrypting drives have built-in hardware encryption mechanisms that encrypt data as it's
written to the drive.

Intranet vs Extranet: An intranet is a private network within an organization, while an extranet is an
extended intranet that allows controlled access to authorized external users, such as partners or
customers.

Passive vs Inline Monitoring: Passive monitoring involves analyzing network traffic without altering it,
while inline monitoring actively intercepts and inspects traffic, allowing for immediate action if threats
are detected.
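
The Hashing vs Salting entry above can be seen in code. This is an added example, not part of the original answers: it contrasts a plain hash with a per-user salted hash against a table of digests computed ahead of time. The user names, passwords, word list and iteration count are constructed for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed work factor for this demo; tune for production


def unsalted(password):
    """Plain hash: identical passwords always give identical digests."""
    return hashlib.sha256(password.encode()).hexdigest()


def salted(password, salt=None):
    """Return (salt, digest); a fresh random salt is drawn per stored password."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest


def verify(password, salt, digest):
    """Recompute with the stored salt and compare in constant time."""
    return hmac.compare_digest(salted(password, salt)[1], digest)


def precomputed_hits(stored_hex_digests, wordlist):
    """Count stored digests found in a table that was computed once, in advance."""
    table = {unsalted(word) for word in wordlist}
    return sum(1 for digest in stored_hex_digests if digest in table)


# Constructed sample data: two users who happened to choose the same password.
USERS = {"alice": "hunter2", "bob": "hunter2"}
WORDLIST = ["123456", "password", "hunter2"]

if __name__ == "__main__":
    plain = [unsalted(p) for p in USERS.values()]
    print("unsalted digests equal:", plain[0] == plain[1])
    print("unsalted table hits:", precomputed_hits(plain, WORDLIST))

    records = [salted(p) for p in USERS.values()]
    print("salted digests equal:", records[0][1] == records[1][1])
    print("salted table hits:",
          precomputed_hits([d.hex() for _, d in records], WORDLIST))
    print("login still works:", verify("hunter2", *records[0]))
```

The salt is stored next to the digest; it does not need to be secret, only unique per password.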

3. NGFW vs Host-based Firewall

Advantages of NGFW

- Can inspect and filter traffic at the application layer.

- Provides intrusion prevention, application control, and identity awareness.

- Can protect against sophisticated threats and malware.

- Centralized management and visibility for network security policies.

Disadvantages of NGFW

- Complex to set up and manage, potentially leading to misconfigurations.

- May introduce latency due to deep packet inspection.

- Susceptible to evasion techniques used by advanced attackers.

Advantages of Host-based Firewall

- Offers granular control over an individual host's network traffic.

- Can protect against local threats and malicious software.

- May be easier to manage on a per-host basis.

- Can enforce policies even when the host is off the network.

Disadvantages of Host-based Firewall

- Requires management on each host, which can be time-consuming.

- Less effective against external threats that don't target specific hosts.

- May lead to performance overhead on the host.

4. Tokenization

Tokenization is the process of substituting sensitive data with a non-sensitive equivalent, known as a
token. This token has no intrinsic value and is useless to an unauthorized user. Tokenization is commonly
used in payment systems to protect credit card information. For example, a credit card number might be
replaced with a token that can be used to identify the transaction but cannot be reverse-engineered to
obtain the original card number.

Another example is in data security, where sensitive data like personal identification numbers (PINs) can
be tokenized to enhance security. Tokenization helps minimize the exposure of sensitive information and
reduces the risk of data breaches since even if the token is intercepted, it holds no meaningful data
without access to the original system.

Overall, tokenization helps maintain data security and privacy by reducing the risk associated with
handling sensitive information.
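
The payment example described above, as an added sketch that is not part of the original answers: a vault issues random tokens, keeps the only mapping back to the card number, and refuses detokenization to unauthorized callers. `TokenVault`, the `tok_` prefix and the `caller_authorized` flag are hypothetical names, and the card number is a constructed test value.

```python
import secrets


class TokenVault:
    """In-memory stand-in for a tokenization service (hypothetical design)."""

    def __init__(self):
        self._token_to_pan = {}   # the only place the real number is kept
        self._pan_to_token = {}   # lets repeat purchases reuse one token

    @staticmethod
    def _normalize(pan):
        digits = pan.replace(" ", "").replace("-", "")
        if not digits.isdigit() or not 12 <= len(digits) <= 19:
            raise ValueError("not a card number")
        return digits

    def tokenize(self, pan):
        """Swap a card number for a random token with no mathematical link to it."""
        digits = self._normalize(pan)
        if digits in self._pan_to_token:
            return self._pan_to_token[digits]
        token = "tok_" + secrets.token_urlsafe(16)
        while token in self._token_to_pan:  # regenerate on the rare collision
            token = "tok_" + secrets.token_urlsafe(16)
        self._token_to_pan[token] = digits
        self._pan_to_token[digits] = token
        return token

    def detokenize(self, token, caller_authorized):
        """Only the vault can map a token back, and only for authorized callers."""
        if not caller_authorized:
            raise PermissionError("detokenization denied")
        return self._token_to_pan[token]  # KeyError for tokens this vault never issued


if __name__ == "__main__":
    vault = TokenVault()
    card = "4111 1111 1111 1111"          # constructed test number
    token = vault.tokenize(card)
    merchant_db = {"order-1001": token}   # the merchant stores only the token
    print("stored by merchant:", merchant_db)
    print("same card, same token:", vault.tokenize("4111-1111-1111-1111") == token)
    print("payment processor sees:", vault.detokenize(token, caller_authorized=True))
```

Because the token is random rather than derived from the card number, a second vault issues a different token for the same card and cannot resolve the first vault's token.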
