Skip to content

Latest commit

 

History

History
56 lines (34 loc) · 2.96 KB

Network Protocols.md

File metadata and controls

56 lines (34 loc) · 2.96 KB

4. NETWORK PROTOCOLS

Network protocols are sets of rules or conventions that govern the communication between devices on a computer network. These protocols define the format, timing, sequencing, and error checking used during data transmission. Network protocols also determine how devices identify each other on the network and how they establish, maintain, and terminate connections.

Contents

This cheatsheet contains essential protocols and standards, including:

  • Name of the protocol;
  • Port number;
  • TCP or UDP port usage;
  • OSI layer;
  • Essential functions;
  • Possible vectors of attack;
  • State of security.

The cheatsheet recognizes two states of security:

1. Insecure: This state is considered outdated and prone to attacks. These protocols should not be used unless there are exceptional circumstances where they must be implemented. However, in such cases, plenty of other security measures must also be included to make them safe.

2. Secure: This state is considered safe and should be implemented in secure environments. However, even though a protocol is considered secure, it may still be vulnerable to some attacks.

IT IS ESSENTIAL TO NOTE THAT A PROTOCOL BEING CONSIDERED SECURE DOES NOT MEAN THAT IT CANNOT BE EXPLOITED.

NPC (1) NPC (2) NPC (3) NPC (4)

Files

Network Protocols Cheatsheet.docx

Sources

Computing Technology Industry Association (CompTIA). (2021). IT Fundamentals (FC0-U61) Student Guide. Section 3.3.2 "Domain Name System (DNS)."

National Institute of Standards and Technology. (2020). Security and privacy controls for information systems and organizations. https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r5.pdf

Computing Technology Industry Association. (2021). CompTIA Security+ Certification Exam Objectives. https://www.comptia.org/certifications/security

MITRE Corporation. (2021). ATT&CK for Enterprise. https://attack.mitre.org/

MITRE Corporation. (2021). D3FEND. https://d3fend.mitre.org/

National Security Agency. (2019). Security Configuration Guides. https://www.nsa.gov/ia/programs/security_configuration_guides/

OPSEC. (2021). Open Source Intelligence. https://www.opsec.com/

OWASP Foundation. (2021). OWASP Top Ten Project. https://owasp.org/Top10/

License

This repository is licensed under the MIT License.

Contributing

If you would like to contribute to this repository, please feel free to submit a pull request. All contributions are welcome and appreciated.