Đang chuẩn bị liên kết để tải về tài liệu:
CompTIA Network+ Certification Study Guide part 48

Không đóng trình duyệt đến khi xuất hiện nút TẢI XUỐNG Tải xuống

CompTIA’s Network+ certification Study Guide part 48 is a globally-recognized, vendor neutral exam that has helped over 235,000 IT professionals reach further and higher in their careers. The 2009 Network+ exam (N10-004) is a major update with more focus on security and wireless aspects of networking. Our new study guide has been updated accordingly with focus on network, systems, and WAN security and complete coverage of today’s wireless networking standards. | 456 CHAPTER 9 Security Standards and Services location. TACACS is also credited with separating the AAA functions. TACACS is considered proprietary because its packet formats are completely different from those in TACACS or XTACACS making TACACS incompatible with previous versions. Unlike previous versions of TACACS that used one database for all AAA TACACS uses individual databases for each. TACACS was the first revision to offer secure communications between the TACACS client and the TACACS server. TACACS uses TCP as its transport and continues to gain popularity because it is easy to implement and reasonably priced. Exam Warning Make sure you understand the difference between TACACS and TACACS . The most important thing to remember is that TACACS uses UDP as its transport protocol while TACACS uses TCP. Also TACACS is a proprietary version owned by Cisco. Vulnerabilities The largest vulnerability in TACACS is the comparative weakness of the encryption mechanism. It s possible for someone with physical network access to capture an authentication request from a client and manipulate it. This request would be accepted by the server the encrypted reply would be sent but because the cleartext of that reply would be known breaking the encryption would be a fairly simple task. Even worse the encryption used in TACACS is based on a shared secret that is rarely changed so a compromise at any point would ultimately expose future compromises. It is therefore a very good idea to regularly change the shared secrets used by TACACS clients. One of the biggest complaints regarding TACACS is that it does not offer protection against replay attacks. Replay attacks occur when a hacker intercepts an encrypted packet and impersonates the client using the information obtained from the decrypted packet. When files are sent over a network using TCP IP they are split into segments suitable for routing. This is known as packet sequencing. At the receiving end the TCP IP organizes the .