If you’re planning to take the SY0-601 version of the Security+ exam, you should understand the basics of cryptographic concepts, such as common use cases. A use case typically describes an organizational goal. Many protocols mentioned in the CompTIA Security+ objectives support specific use cases.
For example, can you answer this question?
Q. You are tasked with enabling NTP on some servers within your organization’s screened subnet. Which of the following use cases are you MOST likely supporting with this action?
A. Encrypting voice and video transmissions
B. Providing time synchronization
C. Enabling email usage
D. Encrypting data in transit
Moreover, do you know why the correct answer is correct and the incorrect answers are incorrect? The answer and explanation are available at the end of this post.
Time Synchronization Use Case
There are many instances when systems need to be using the same time (or at least a time that is reasonably close). A common use case is to ensure systems have the accurate time. As an example, Kerberos requires all systems to be synchronized and be within five minutes of each other.
Within a Microsoft domain, one domain controller periodically uses the Windows Time service to locate a reliable Internet server running the Network Time Protocol (NTP). NTP is the most commonly used protocol for time synchronization, allowing systems to synchronize their time to within tens of milliseconds. Other domain controllers within the network periodically synchronize their time with the first domain controller. Last, all computers in the domain synchronize their time with one of these domain controllers. This process ensures all the computers have the accurate time.
The Simple NTP (SNTP) protocol can also be used for time synchronization. However, NTP uses complex algorithms and queries multiple time servers to identify the most accurate time. SNTP does not use these algorithms, so it might not be as accurate as the result from NTP.
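The following added example (not from the original post) shows what a single SNTP-style exchange yields: it parses a server reply, computes the client's clock offset from the four timestamps, and checks the result against the five-minute Kerberos tolerance. The reply packet and all timestamps are constructed sample data, and the function names are hypothetical.

```python
import struct

NTP_EPOCH_DELTA = 2208988800   # seconds from 1900-01-01 (NTP epoch) to 1970-01-01 (Unix)
KERBEROS_MAX_SKEW = 300        # five minutes, the Kerberos tolerance cited above

def to_ntp(unix_seconds):
    """Encode Unix time as a 64-bit NTP timestamp: 32-bit seconds, 32-bit fraction."""
    ntp = unix_seconds + NTP_EPOCH_DELTA
    secs = int(ntp)
    return struct.pack("!II", secs, int((ntp - secs) * 2**32))

def from_ntp(raw):
    secs, frac = struct.unpack("!II", raw)
    return secs - NTP_EPOCH_DELTA + frac / 2**32

def build_reply(t1, t2, t3, stratum=2):
    """Constructed 48-byte server reply (LI=0, VN=4, Mode=4) for offline testing."""
    header = struct.pack("!BBbb", (4 << 3) | 4, stratum, 6, -20)
    # root delay, root dispersion, reference ID, then reference timestamp
    body = struct.pack("!II4s", 0, 0, b"\0\0\0\0") + to_ntp(t2)
    return header + body + to_ntp(t1) + to_ntp(t2) + to_ntp(t3)

def clock_offset(reply, t4):
    """Return (offset, delay) in seconds; t4 is the client's time on receipt."""
    if len(reply) < 48:
        raise ValueError("short NTP packet")
    if reply[0] & 0x07 != 4 or reply[1] == 0:
        raise ValueError("not a usable server reply")   # wrong mode or stratum 0
    t1 = from_ntp(reply[24:32])   # origin: client's send time, echoed by the server
    t2 = from_ntp(reply[32:40])   # receive: server's time when the request arrived
    t3 = from_ntp(reply[40:48])   # transmit: server's time when the reply left
    offset = ((t2 - t1) + (t3 - t4)) / 2
    delay = (t4 - t1) - (t3 - t2)
    return offset, delay

def within_kerberos_skew(offset):
    return abs(offset) <= KERBEROS_MAX_SKEW

if __name__ == "__main__":
    # Constructed sample: the client clock runs 400 s behind the server.
    reply = build_reply(1700000000.0, 1700000400.5, 1700000400.5)
    offset, delay = clock_offset(reply, 1700000001.0)
    print(f"offset={offset:+.3f}s delay={delay:.3f}s kerberos_ok={within_kerberos_skew(offset)}")
```

This measures one exchange with one server; it does not perform the multi-server selection and filtering that distinguishes NTP from SNTP.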
Subscription Services Use Case
Subscription services refer to a subscription-based business model. For example, instead of selling software applications to users, many vendors have moved to a subscription model where users pay over time.
For example, years ago, it was common for people to purchase Microsoft Office for access to applications such as Microsoft Word, Microsoft Excel, Microsoft Outlook, and others. Today, organizations often pay monthly or annually for access to Office 365. This gives them the most current version of Microsoft Office products, along with additional features such as cloud storage.
The protocols used for subscription services use cases vary widely depending on the actual service. However, it’s common for these to use HTTPS connections for security. Database servers maintain databases of customers, along with the products they’re renting. The connections between web servers and database servers should be secure and might use HTTPS or TLS. When the subscription is nearing an end, systems send automated emails to customers using SMTP.
Network Address Allocation Use Case
Network address allocation refers to allocating IP addresses to hosts within your network. You can do so manually, but most networks use Dynamic Host Configuration Protocol (DHCP) to dynamically assign IP addresses to hosts. DHCP also assigns other TCP/IP information, such as subnet masks, default gateways, DNS server addresses, and much more.
Here’s a review of some basic networking concepts:
IPv4
IPv4 uses 32-bit IP addresses expressed in dotted decimal format. For example, the IPv4 IP address of 192.168.1.5 is four decimals separated by periods or dots. You can also express the address in binary form with 32 bits.
All Internet IP addresses are public IP addresses, and internal networks use private IP addresses. Public IP addresses are tightly controlled. You can’t just use any public IP address.
Instead, you must either purchase or rent it. Internet Service Providers (ISPs) purchase entire ranges of IP addresses and issue them to customers. If you access the Internet from home, you are very likely receiving a public IP address from an ISP.
Routers on the Internet include rules to drop any traffic that is coming from or going to a private IP address, so you cannot allocate private IP addresses on the Internet. RFC 1918 specifies the following private address ranges:
- 10.x.y.z: 10.0.0.0 through 10.255.255.255
- 172.16.y.z–172.31.y.z: 172.16.0.0 through 172.31.255.255
- 192.168.y.z: 192.168.0.0 through 192.168.255.255
These are the only three IPv4 address ranges that you should allocate within a private network.
IPv6
Although the number of IP addresses at first seemed inexhaustible, the Internet Assigned Numbers Authority (IANA) assigned the last block of IPv4 addresses in February 2011. To prepare, the Internet Engineering Task Force (IETF) created IPv6, which provides a significantly larger address space than IPv4.
IPv6 uses 128-bit IP addresses expressed in hexadecimal format. For example, the IPv6 IP address of fe80:0000:0000:0000:02d4:3ff7:003f:de62 includes eight groups of four hexadecimal characters, separated by colons. Each hexadecimal character is composed of 4 bits.
Instead of private IP addresses, IPv6 uses unique local addresses. They are only allocated within private networks and not assigned to systems on the Internet. Unique local addresses start with the prefix of fc00.
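As an added example (not part of the original post), this script audits an address allocation table for an internal network and flags any host whose address is not in an RFC 1918 range or the IPv6 unique local block. It also shows the 32-bit binary form of an IPv4 address. The host names and addresses are constructed samples, the function names are hypothetical, and the unique local block is written as fc00::/7 per RFC 4193.

```python
import ipaddress

# The three RFC 1918 ranges listed above, written as CIDR networks
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# RFC 4193 unique local block: addresses beginning fc00 through fdff
UNIQUE_LOCAL = ipaddress.ip_network("fc00::/7")

def bit_string(text):
    """Binary form of an address: 32 bits for IPv4, 128 bits for IPv6."""
    addr = ipaddress.ip_address(text)
    return format(int(addr), "0{}b".format(addr.max_prefixlen))

def classify(text):
    """Categorize one address; raises ValueError if it is malformed."""
    addr = ipaddress.ip_address(text)
    if addr.version == 4 and any(addr in net for net in RFC1918):
        return "rfc1918-private"
    if addr.version == 6 and addr in UNIQUE_LOCAL:
        return "unique-local"
    if addr.is_link_local:
        return "link-local"
    return "global" if addr.is_global else "special-use"

def audit_internal(allocations):
    """Return (host, address, category) for hosts outside the private ranges."""
    findings = []
    for host, text in allocations.items():
        try:
            category = classify(text)
        except ValueError:
            category = "malformed"
        if category not in ("rfc1918-private", "unique-local"):
            findings.append((host, text, category))
    return findings

# Constructed sample allocation table for an internal segment
SAMPLE = {
    "web01": "10.20.30.40",
    "db01": "172.31.255.254",        # last usable address inside 172.16.0.0/12
    "app01": "172.32.0.10",          # just outside the 172.16-172.31 range
    "kiosk": "192.168.300.1",        # octet above 255
    "v6host": "fd12:3456:789a::1",
    "v6ll": "fe80:0000:0000:0000:02d4:3ff7:003f:de62",
}

if __name__ == "__main__":
    for finding in audit_internal(SAMPLE):
        print(finding)
```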
Q. You are tasked with enabling NTP on some servers within your organization’s screened subnet. Which of the following use cases are you MOST likely supporting with this action?
A. Encrypting voice and video transmissions
B. Providing time synchronization
C. Enabling email usage
D. Encrypting data in transit
Answer is B. The Network Time Protocol (NTP) provides time synchronization services, so enabling NTP on servers in the screened subnet (sometimes called a demilitarized zone or DMZ) would meet this use case.
The Secure Real-time Transport Protocol (SRTP) provides encryption, message authentication, and integrity for audio and video over IP networks.
Protocols such as Simple Mail Transfer Protocol (SMTP), Post Office Protocol v3 (POP3), and Internet Message Access Protocol version 4 (IMAP4) are used for email.
Encrypting data isn’t relevant to time synchronization services provided by NTP.
See Chapter 3 of the CompTIA Security+: Get Certified Get Ahead: SY0-601 Study Guide for more information on basic networking concepts.