4.5-4.6 Flashcards
network-based firewall
Can also act as a layer 3 router; can do NAT, dynamic routing, and VPN between sites.
IPS rules
Signature-based: if the traffic matches a signature, reject it. Anomaly-based: unusual traffic patterns are flagged.
URL scanning
Allow or restrict based on a URL. Managed by category.
agent-based web filter
Deploy software on the user’s device to collect data.
DNS filtering
Harmful sites don’t have their IP addresses resolved, so users can’t connect to those websites.
Active Directory (AD)
A database of everything on the network:
- computers, users, file shares, printers, groups, and more
SELinux
Security Enhanced Linux.
Adds mandatory access control (MAC) to Linux, which allows a central admin to decide who gets access to what security level.
DAC
Discretionary access control. The user has their own discretion as to what rights and permissions to assign to different resources in the Linux OS.
how to secure traffic over Wi-Fi or in general?
Use WPA3, which encrypts all traffic over Wi-Fi.
Use a VPN tunnel.
mail gateway
Evaluates all emails to see whether they are legitimate. Decides whether each one goes to the inbox or to spam.
SPF protocol
Sender Policy Framework.
Identifies authorized mail servers so you know whether mail is coming from a legitimate source.
DKIM
DomainKeys Identified Mail. The mail server digitally signs all outgoing mail.
DMARC
Domain-based Message Authentication, Reporting, and Conformance.
Extension of SPF and DKIM. Allows you to decide what receiving email servers should do with emails that weren’t validated with SPF and DKIM. Also sends compliance reports.
FIM
File integrity monitoring. Monitors important OS and app files and identifies when changes occur.
SFC
System File Checker. Windows FIM.