ch 7 Flashcards
• Most common protocol used for LANs
(TCP/IP) Transmission Control Protocol/Internet Protocol
• TCP/IP uses a four-layer architecture. What are the layers?
network interface, internet, transport, application
(SNMP)
Simple Network Management Protocol (basic TCP/IP protocols)
(DNS)
Domain Name System
basic TCP/IP protocols
(FTP)
File Transfer Protocol
basic TCP/IP protocols
Manages network equipment
Allows administrator to remotely manage, monitor, and configure network devices
Exchanges management information
• (SNMP) Simple Network Management Protocol
• Agents are password protected also known as
common String.
A TCP/IP protocol that maps IP addresses to their symbolic name.
• (DNS) Domain Name System
used for transferring files.
• TCP/IP protocol
(FTPS) Secure Sockets Layer: encrypts commands. What does it use?
SSL or TLS to encrypt commands
• (S/MIME)
Secure/Multipurpose Internet Mail Extensions
A protocol for securing email messages
• (S/MIME) Secure/Multipurpose Internet Mail Extensions
what to use to secure voice and video
(SRTP) Secure Real-Time Transport Protocol
what to use to secure time synchronization
(NTP) Network Time Protocol
what to use to secure email
(S/MIME) Secure/Multipurpose Internet Mail Extensions
what to use to secure web browsing
(HTTPS) Hypertext Transport Protocol Secure
what to use to secure file transfer
Secure FTP (SFTP)
what to use to secure remote access
(VPN) Virtual private network
what to use to secure domain name resolution
(DNSSEC) DNS security extensions
what to use to secure routing and switching
(IPsec) IP security
what to use to secure network address translation
(IPsec) IP security
what to use to secure subscription services
(IPsec) IP security
- a separate hardware card that inserts into a web server that contains co-processors to handle SSL/TLS processing
• SSL/TLS accelerator
allows the administrator to configure a switch to copy traffic that occurs on some or all ports to a designated port on the switch
• Port mirrors
- a device that can monitor traffic
• Network tap (test access point)
– monitor traffic for network intrusion detection and prevention devices
Sensors
gather traffic for SIEM devices
Collectors
block traffic for Internet content filters
Filters
used to combine multiple network connections into a single link
Should be located between routers and servers where they can detect and stop attacks directed at a server or application
• Aggregation switch
aggregates and correlates content from different sources to uncover an attack
• Correlation engine
- a hardware device that identifies and blocks real-time distributed denial of service (DDoS) attacks
• DDoS mitigator
A Microsoft Windows feature that prevents attackers from using buffer overflow to execute malware
• (DEP) Data Execution Prevention
- A service that can monitor any changes made to computer files, such as OS files
• (FIC) File integrity check
A means of managing and presenting computer resources without regard to physical layout or location
• Virtualization
a simulated software-based emulation of a computer
The host system runs a hypervisor that manages the virtual operating systems and supports one or more guest systems
• Virtual machine
- The VM monitor program
• Hypervisor
The process of running a user desktop inside a VM that resides on a server
• (VDI) Virtual Desktop Infrastructure
An Ethernet-compliant virtual network that can connect physical computers and/or virtual machines together
• (VDE) Virtual Distributed Ethernet
which allows a virtual machine to be moved to a different physical computer with no impact to users
• live migration
- of a particular state of a virtual machine can be saved for later use
• snapshot
Testing the existing security configuration, can be performed using a simulated network environment
• security control testing
suspicious program can be loaded into an isolated virtual machine and executed
• sandboxing
VMs may be able to “escape” from the contained environment and directly interact with the host OS
• virtual machine escape protection
The widespread proliferation of VMs without proper oversight or management
• Virtual machine sprawl
Enterprises in the past purchased all the hardware and software necessary to run the organization
• On-premises model
- Servers, storage, and the supporting networking infrastructure are shared by multiple enterprises over a remote network connection
• Hosted services
A model for enabling convenient, on-demand network access to a shared pool of configurable computing resources
• Cloud computing
Vendor provides access to the vendor’s software applications running on a cloud infrastructure
• Software as a Service (SaaS)
Consumers install and run their own specialized applications on the cloud computing network
• Platform as a Service (PaaS)
Vendor allows customers to deploy and run their own software, including OSs and applications
• Infrastructure as a Service (IaaS)
All security services are delivered from the cloud to the enterprise
• Security as a Service (SECaaS)
- A set of software tools or services that resides between the enterprises’ on-premises infrastructure and the cloud provider’s infrastructure
- Acts as a “gatekeeper”
• (CASB) Cloud access security broker
- Virtualizes parts of the physical network so that it can be more quickly and easily reconfigured
• (SDN) Software defined network