4.5-4.6 Flashcards

1
Q

network based fw

A

can also be layer 3 router, can do NAT, dynamic routing, can VPN between sites

2
Q

ips rules

A

signature based: if a signature matches, reject it. anomaly based: unusual traffic patterns are flagged.

3
Q

url scanning

A

allow or restrict based on a url. managed by category.

4
Q

agent based web filter

A

deploy software on the user’s device to collect data.

5
Q

dns filtering

A

harmful sites don’t have their ip address resolved so they can’t connect to their website

6
Q

active directory (AD)

A

a database of everything on the network
- computers, users, file shares, printers, groups, and more

7
Q

SELinux

A

Security Enhanced Linux.
Adds mandatory access control (MAC) to Linux
which allows central admin to decide who gets access to what security level

8
Q

dac

A

discretionary access control. user has their own discretion as to what rights and permissions to assign to different resources in linux os.

9
Q

how to secure traffic over wifi or in general?

A

use wpa3 which encrypts all traffic over wifi

use vpn tunnel

10
Q

mail gateway

A

evaluates all emails to see if they are legit. decides if each goes to inbox or spam

11
Q

spf protocol

A

sender policy framework.
identifies authorized mail servers so you know if it is coming from a legit source

12
Q

dkim

A

domain keys identified mail. mail server digitally signs all outgoing mail

13
Q

dmarc

A

domain based message authentication, reporting, and conformance.

extension of spf and dkim. allows you to decide what receiving email servers should do with emails that weren’t validated with spf and dkim. also sends compliance reports

14
Q

fim

A

file integrity monitoring. monitor important os and app files and identify when changes occur.

15
Q

sfc

A

system file checker. windows fim

16
Q

tripwire

A

linux fim

17
Q

endpoint

A

the user’s access.

18
Q

edr
xdr

A

endpoint detection and response. many ways to detect threats, can investigate and respond.

extended detection and response. evolution of edr, has network based detection, correlates endpoint, network, and cloud data for improved detection rates.

19
Q

persistent agent

A

permanently installed onto system

20
Q

dissolvable agent

A

no install required, runs during posture assessment, deletes itself when scan is over

21
Q

agentless nac

A

integrated with active directory, checks made during login and logoff, don’t need download

22
Q

iam

A

identity and access management. identity lifecycle management, from onboarding to leaving. nobody gets admin access

23
Q

LDAP

A

protocol for reading and writing directories over an ip network

24
Q

SAML

A

security assertion markup language. you can authenticate through a third party to gain access. not made for mobile devices

25
Q

OAuth

A

authorization framework for modern and mobile devices. created by twitter, google and many others. allows for different types of authentication through third parties to authorize access

26
Q

federation

A

when a website allows you to make an account using your google or facebook account

27
Q

interoperability

A

protocols and authentication or authorization methods work well with each other

28
Q

rule based access control

A

generic term for following rules. access determined through system-enforced rules

29
Q

abac

A

attribute based access control, can consider many parameters when authorizing.

30
Q

hard/soft

A

key card or usb (physical things), hardware or software tokens (logical)