CompTIA Security+ Exam Notes

CompTIA Security+ Exam Notes
Let Us Help You Pass

Thursday, October 17, 2024

DKIM

 DKIM

DomainKeys Identified Mail (DKIM) is an email authentication protocol that verifies the authenticity of an email and prevents unauthorized changes to its contents. DKIM is an open standard that uses public key cryptography to assign a private key to each outgoing email. The recipient's server then uses the public key in the DKIM record to decrypt the signature and confirm that the email is authentic.

DKIM is an important tool for preventing spam, spoofing, and phishing attacks. It's often used in conjunction with other email authentication methods, such as Sender Policy Framework (SPF) and Domain-based Message Authentication Reporting and Conformance (DMARC). Emails that don't pass DKIM and SPF checks may be marked as spam or rejected by email servers.

DKIM is an industry-standard, defined in RFC 6376 and updated in RFC 8301 and RFC 8463. Most email providers, including Microsoft, make it relatively easy to set up DKIM for an organization.

SPF (Sender Policy Framework)

 SPF (Sender Policy Framework)

Sender Policy Framework (SPF) is an email authentication protocol that verifies if an email is from an authorized server for a specific domain:

How it works

When receiving an email, the mail server checks the domain's IP address against the authorized servers listed in the SPF record. If the email is from an authorized server, it passes SPF authentication and is delivered. If the email is from an unauthorized server, it fails SPF authentication and is rejected or sent to spam.

Benefits

SPF helps protect domains from being misused by malicious actors who send spam or phishing emails. It also improves a domain's reputation and email deliverability.

Implementation

Domain owners publish an SPF record in the DNS for each domain or host with an A or MX record. SPF records are TXT files that can't exceed 10 tags or 255 characters.

S/MIME

 S/MIME

Secure/Multipurpose Internet Mail Extensions (S/MIME) is an industry-standard that encrypts and digitally signs emails to ensure their integrity and security:

  • Encryption: Protects the contents of emails
  • Digital signatures: Verifies the sender's identity
  • Message integrity: Ensures the email's contents are not altered
  • Non-repudiation: Provides a way to prove the origin of the email
  • Authentication: Verifies the identities of both the sender and recipient

S/MIME is compatible with most enterprise email clients, including Outlook for iOS and Android. To add or remove a digital signature from a message in Outlook on the web, you can:

  • Go to the top of the message
  • Select More options > Message options
  • Select or deselect Digitally sign this message (S/MIME)

SMTP (Simple Mail Transfer Protocol)

 SMTP (Simple Mail Transfer Protocol)

SMTP, or Simple Mail Transfer Protocol, is an Internet standard communication protocol used for sending and receiving email messages. It defines how email is transmitted between servers and from email clients to servers.

Here’s a quick overview of how SMTP works:

  • Email Client to Server: When you send an email, your email client (like Outlook or Gmail) connects to an SMTP server.
  • Server to Server: The SMTP server then communicates with the recipient’s email server to deliver the message.
  • Email Retrieval: While SMTP is used for sending emails, protocols like IMAP or POP3 are used for retrieving them from the server to your inbox.

SMTP typically uses port 25 for server-to-server communication and port 587 (SMTPS) for client-to-server communication.

POP3 (Post Office Protocol 3)

 POP3 (Post Office Protocol 3)

Post Office Protocol 3 (POP3) is an email retrieval protocol that downloads emails from a server to a user's device. POP3 is an older protocol that was designed for use on a single computer, and it has some limitations compared to more modern protocols:

One-way synchronization

POP3 only allows users to download emails from a server to a client, and not the other way around.

No previewing

POP3 doesn't allow users to preview, search, delete, or organize emails on the server.

No synchronization between devices

Users must manually create or set folders and settings on each device they use.

No real-time synchronization

POP3 lacks real-time synchronization between the email server and the client.

POP3 is configured to listen on port 110 for plain-text transmission, and port 995 for encrypted communication via SSL/TLS.

POP3 is losing popularity as people use multiple devices to access their email. Internet Message Access Protocol (IMAP) is a better option for users who access their email from multiple devices, as it stores emails on the mail server.

Wednesday, October 16, 2024

IMAP

 IMAP

IMAP, or Internet Message Access Protocol, is a standard protocol that allows email clients to access email messages from a mail server. IMAP has several key features, including:

  • Centralized storage: Messages are stored on the mail server, not on the user's device. This means that users can access their messages from any device with an email client.
  • Synced across devices: Changes made to a mailbox are synced across all devices.
  • Selective downloading: Users only download messages when they click on them, and attachments aren't automatically downloaded.
  • Multiple clients: Multiple email clients can manage the same email box.

IMAP is one of the most common protocols for email retrieval, along with POP3 (Post Office Protocol). IMAP servers typically listen on port 143, and IMAP over SSL (IMAPS) uses port 993.

IMAPS connections are encrypted, which provides increased security. However, cybercriminals often target passwords, so users can protect themselves with multi-factor authentication and user activity monitoring tools.

WAN (Wide Area Network)

 WAN (Wide Area Network)

A wide-area network (WAN) is a computer network that connects smaller networks, or local-area networks (LANs), across great distances. WANs are used by businesses and governments to connect offices, data centers, cloud applications, and other networked sites.

WANs are important for a number of reasons, including:

Communication

WANs allow employees and customers to communicate and share information across regions and countries.

Access to information

WANs allow employees to access the information they need to do their job, even when they're traveling. Students can use WANs to access library databases and university research.

Sharing information with customers

WANs help organizations share information with customers and partner organizations.

WANs can use a variety of technologies for links, including circuit-switched telephone lines, radio wave transmission, and optical fiber. The internet is the worlds largest WAN.