Effective CISSP Questions

Which of the following has a design with the least security consideration? (Wentz QOTD)
A. Secure Shell (SSH)
B. Remote Shell (RSH)
C. Trivial File Transfer Protocol (TFTP)
D. Shiva Password Authentication Protocol (SPAP)

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is C. Trivial File Transfer Protocol (TFTP).

Wentz’s book, The Effective CISSP: Security and Risk Management, helps CISSP and CISM aspirants build a solid conceptual security model. It is a tutorial for information security and a supplement to the official study guides for the CISSP and CISM exams and an informative reference for security professionals.

How to Copy Cisco IOS to TFTP Server

TFTP is well known for its simple implementation, which provides no authentication and no access control.

Trivial File Transfer Protocol (TFTP) is a simple lockstep File Transfer Protocol which allows a client to get a file from or put a file onto a remote host. One of its primary uses is in the early stages of nodes booting from a local area network. TFTP has been used for this application because it is very simple to implement.

TFTP was first standardized in 1981 and the current specification for the protocol can be found in RFC 1350.

Due to its simple design, TFTP can be easily implemented by code with a small memory footprint. It is therefore the protocol of choice for the initial stages of any network booting strategy like BOOTP, PXE, BSDP, etc., when targeting anything from highly resourced computers to very low resourced single-board computers (SBC) and systems on a chip (SoC). It is also used to transfer firmware images and configuration files to network appliances like routers, firewalls, IP phones, etc. Today, TFTP is virtually unused for Internet transfers.

Source: Wikipedia
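The following is an added example (not from the question, Wikipedia, or any TFTP implementation) that decodes RFC 1350 packets and shows why the only control a defender has is deciding which hosts may read or write which files: the request format carries no credential field at all. The IP addresses, file names and allowlist are constructed for the example.

```python
import struct

# TFTP opcodes from RFC 1350; there is no opcode for credentials or sessions.
RRQ, WRQ, DATA, ACK, ERROR = 1, 2, 3, 4, 5
NAMES = {RRQ: "RRQ", WRQ: "WRQ", DATA: "DATA", ACK: "ACK", ERROR: "ERROR"}

def build_request(opcode, filename, mode="octet"):
    """RRQ/WRQ wire format: opcode | filename | 0 | mode | 0 (no auth field)."""
    return struct.pack("!H", opcode) + filename.encode() + b"\x00" + mode.encode() + b"\x00"

def parse_packet(pkt):
    """Decode one TFTP packet (the UDP payload) into a dict."""
    if len(pkt) < 4:
        raise ValueError("packet too short")
    (opcode,) = struct.unpack("!H", pkt[:2])
    body = pkt[2:]
    if opcode in (RRQ, WRQ):
        parts = body.split(b"\x00")
        if len(parts) < 3:  # filename, mode and the trailing empty piece
            raise ValueError("request lacks NUL-terminated filename/mode")
        return {"op": NAMES[opcode], "filename": parts[0].decode(errors="replace"),
                "mode": parts[1].decode(errors="replace").lower()}
    (num,) = struct.unpack("!H", body[:2])
    if opcode == DATA:  # lockstep: one DATA per block, a block shorter than 512 bytes ends the file
        return {"op": "DATA", "block": num, "data": body[2:], "last": len(body[2:]) < 512}
    if opcode == ACK:  # the peer acknowledges each block before the next one is sent
        return {"op": "ACK", "block": num}
    if opcode == ERROR:
        return {"op": "ERROR", "code": num, "msg": body[2:].rstrip(b"\x00").decode(errors="replace")}
    raise ValueError(f"unknown opcode {opcode}")

def audit(datagrams, allowed_clients):
    """Defender check over (source IP, payload) pairs: because TFTP cannot authenticate,
    flag every WRQ (anyone can push a config or firmware image) and every RRQ from a host
    that is not on the allowlist."""
    findings = []
    for src, pkt in datagrams:
        p = parse_packet(pkt)
        if p["op"] == "WRQ":
            findings.append(f"{src} WRQ {p['filename']}: unauthenticated upload of a file")
        elif p["op"] == "RRQ" and src not in allowed_clients:
            findings.append(f"{src} RRQ {p['filename']}: read from non-allowlisted host")
    return findings

# Constructed sample traffic (addresses and file names are made up for this example).
ALLOWED = {"192.0.2.10"}  # e.g. the management station that backs up router images
SAMPLE = [
    ("192.0.2.10", build_request(RRQ, "router-image.bin")),
    ("192.0.2.77", build_request(RRQ, "startup-config")),
    ("192.0.2.77", build_request(WRQ, "startup-config")),
]

if __name__ == "__main__":
    for finding in audit(SAMPLE, ALLOWED):
        print(finding)
```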

Remote Shell

The remote shell (rsh) is one of the programs in the Berkeley r-commands suite, which includes rcp (remote copy), rexec (remote execution), rlogin (remote login), rsh (remote shell), rstat, ruptime, and rwho (remote who).

The /etc/hosts.equiv and ~/.rhosts files provide the “remote authentication” database for the lpd, rcp, rlogin, and rsh commands and the rcmd() function. These files bypass the standard password-based user authentication mechanism. They specify remote hosts and users that are considered trusted (i.e., are allowed to access the local system without supplying a password):
– on a system-wide basis (/etc/hosts.equiv)
– by an individual user (~/.rhosts).

However, rsh typically sends unencrypted information, e.g., passwords in cleartext, over the network.

The remote shell (rsh) is a command line computer program that can execute shell commands as another user, and on another computer across a computer network.

The remote system to which rsh connects runs the rsh daemon (rshd). The daemon typically uses the well-known Transmission Control Protocol (TCP) port number 514.

Rsh originated as part of the BSD Unix operating system, along with rcp, as part of the rlogin package on 4.2BSD in 1983.

Source: Wikipedia
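As an added example (not from the question or Wikipedia), here is an audit of the hosts.equiv and ~/.rhosts trust database described above. It relies on the file format documented in hosts.equiv(5): one rule per line as "hostname [username]", where "+" is a wildcard for the host or the user and a leading "-" denies a host. The sample file content is constructed.

```python
def parse_trust_file(text):
    """Return (host, user, deny) tuples; user=None means 'same username as the caller'."""
    rules = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        fields = line.split()
        host, user = fields[0], (fields[1] if len(fields) > 1 else None)
        deny = host.startswith("-")
        rules.append((host.lstrip("-"), user, deny))
    return rules

def audit_trust_file(text, path="~/.rhosts"):
    """Flag rules that grant password-less rsh/rlogin access more widely than
    a single (host, user) pair. Deny rules are skipped; they remove trust."""
    findings = []
    for host, user, deny in parse_trust_file(text):
        if deny:
            continue
        if host == "+" and user == "+":
            findings.append(f"{path}: '+ +' trusts every user on every host")
        elif host == "+":
            findings.append(f"{path}: wildcard host trusts any machine for user {user or 'same-name'}")
        elif user == "+":
            findings.append(f"{path}: any user on {host} may log in without a password")
    return findings

# Constructed sample; host names are documentation names, not real systems.
SAMPLE_RHOSTS = """\
# management station may log in as alice without a password
mgmt.example.com alice
mgmt.example.com +
+ +
-untrusted.example.com
"""

if __name__ == "__main__":
    for finding in audit_trust_file(SAMPLE_RHOSTS):
        print(finding)
```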

Secure Shell

The secure shell (ssh) provides authentication and encryption and supersedes the remote shell (rsh).

Secure Shell (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. Typical applications include remote command-line, login, and remote command execution, but any network service can be secured with SSH.

SSH provides a secure channel over an unsecured network by using a client–server architecture, connecting an SSH client application with an SSH server. The protocol specification distinguishes between two major versions, referred to as SSH-1 and SSH-2. The standard TCP port for SSH is 22. SSH is generally used to access Unix-like operating systems, but it can also be used on Microsoft Windows. Windows 10 uses OpenSSH as its default SSH client and SSH server.

SSH was designed as a replacement for Telnet and for unsecured remote shell protocols such as the Berkeley rsh and the related rlogin and rexec protocols. Those protocols send sensitive information, notably passwords, in plaintext, rendering them susceptible to interception and disclosure using packet analysis. The encryption used by SSH is intended to provide confidentiality and integrity of data over an unsecured network, such as the Internet.

Source: Wikipedia

Shiva Password Authentication Protocol (SPAP)

The Password Authentication Protocol (PAP) used in the Point-to-Point Protocol (PPP) transmits passwords in plain text over the link and is considered insecure.

Shiva Password Authentication Protocol (SPAP) is a reversible encryption mechanism employed by Shiva. A computer running Windows XP Professional, when connecting to a Shiva LAN Rover, uses SPAP, as does a Shiva client that connects to a server running Routing and Remote Access.

This form of authentication is more secure than plaintext but less secure than Challenge Handshake Authentication Protocol (CHAP).

Source: certiology


Which of the following has a design with the least security consideration? (Wentz QOTD)
A. Secure Shell (SSH)
B. Remote Shell (RSH)
C. Trivial File Transfer Protocol (TFTP)
D. Shiva Password Authentication Protocol (SPAP)
