5 - Devices and Stuff Flashcards
What is an INE?
an inline network encryptor
What is NAC?
Network access control, which improves network security by employing policies that mandate devices meet certain security minimums before being granted network access
What is NAC?
Network access control, which improves network security by employing policies that mandate devices meet certain security minimums before being granted network access
What are SIEM utilities?
Security information and event management (SIEM) utilities analyze and correlate logs and events from multiple sources as well as provided real-time alerting features.
What are SIEM utilities?
Security information and event management (SIEM) utilities analyze and correlate logs and events from multiple sources as well as provided real-time alerting features.
What is a VLAN?
a virtual LAN (VLAN) helps secure networks by isolating hosts into separate logical groups - devices not explicitly permitted access to the VLAN are implicitly blocked
What is a VLAN?
a virtual LAN (VLAN) is a switch security feature that helps secure networks by isolating hosts into separate logical groups - devices not explicitly permitted access to the VLAN are implicitly blocked
Packet-filtering firewall
considered a basic firewall since it only evaluates the source/destination IP addresses and port numbers (OSI layer 3 and a smidge of layer 4) of traffic, Due to minimal inspection overhead, this firewall is the fastest of the bunch
stateful firewall
improvement over packet-filtering firewalls, stateful firewalls consider the “state” or history of a connection (OSI layer 4) as opposed to focusing only on individual packets. The downside to stateful firewalls is that their overhead results in reduced network performance
application level firewall
an improvement over stateful firewalls, these firewalls con understand the application and protocol data contained in the data portions of the traffic (OSI layers 5, 6, & 7). This additional inspection further reduces network performance
Next-generation firewall
(NGFW)s are designed to replace the “traditional firewalls”. NGFWs include application-level firewall capabilities, but may also add intrusion prevention, user/group-level access, plus the incorporation of intelligence from outside sources like the internet
Next-generation firewall
(NGFW)s are designed to replace the “traditional firewalls”. NGFWs include application-level firewall capabilities, but may also add intrusion prevention, user/group-level access, plus the incorporation of intelligence from outside sources like the internet. Downside is these devices are more complex to manage plus their increased feature set can create more single points of failure
Next-generation firewall
(NGFW)s are designed to replace the “traditional firewalls”. NGFWs include application-level firewall capabilities, but may also add intrusion prevention, user/group-level access, plus the incorporation of intelligence from outside sources like the internet. Downside is these devices are more complex to manage plus their increased feature set can create more single points of failure
router
connects networks to networks in order to forward traffic based on network addresses. Unlike traditional switches, routers utilize the IP protocol (layer 3), which supports inter-networking and patch determination
Hardware security modules
HSMs priced key generation and safeguarding services, speed up specific cryptographic operation on platforms requiring strong authentication, and provide access control capabilities