Chapter 19 Terms and Topics Flashcards
What is the purpose of an ACL?
To manage which traffic can access the network.
An authentication mechanism that provides protection for secure network access.
IEEE 802.1x
Where not all traffic is routed via the VPN. Allows multiple connection paths, some via a protected route.
Split Tunnel VPN
Routes all traffic over the VPN, providing protection to all networking traffic.
Full Tunnel VPN
Security tool that helps protect web applications by filtering and monitoring HTTP traffic between a web application and the internet.
WAF [Web Application Firewall]
Network infrastructure that separates public and private functions into two distinct areas.
Screened Subnet
What types of servers are placed within a screened subnet?
Web servers, remote access servers, and external email servers to name a few.
What is the purpose of a BPDU?
To detect loops in network topologies. It contains information regarding ports, switches, port priority and addresses.
What functions does IPSec perform?
Encrypts application layer data. Provides security for routers sending routing data across the public internet. Provides authentication without encryption and protects network data.
TCP Port 20 for active transfers and Port 990 for implicit connections are used by
FTPS
Set of technologies that work on a network to control traffic and ensure the performance of critical applications with limited network capacity.
QoS
Network data that flows within an enterprise network.
east-west traffic
Data flowing between the enterprise network or data center and the outside of the network.
north-south traffic
Operates by forwarding client requests to servers based on a variety of parameters.
Forward Proxy
Sits behind the firewall in a private network and forwards client requests to the appropriate backend server.
Reverse Proxy
Hardware device that allows network traffic to flow between two end-points in a network without interruption.
TAP [Test Access Point]
A network security device that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules.
Firewall
An information security system that provides a single point of protection against threats.
UTM [Unified Threat Management]
Network security device that combines traditional firewall capabilities with other network device filtering functions.
NGFW
A method of mapping an IP address space into another by modifying network address information in the IP header of packets while they are in transit across a traffic routing device. It works by selecting gateways that sit between two local networks: the internal network and outside network. It reduces the need for IPv4 public addresses and hides private network address ranges.
NAT [Network Address Translation]
An extension of NAT that permits multiple devices on a LAN to be mapped to a single public IP address to conserve IP addresses.
PAT [Port Address Translation]
A network that has the same functionality as the Internet for users but lies completely inside the trusted area of a network and is under the security control of the system and network administrators.
Intranet
Extension of a selected portion of a company’s intranet to external partners.
Extranet
A security measure that restricts unauthorized users and devices from accessing a corporate or private network.
NAC [Network Access Control]
Code is stored on the host machine for activation and use at time of connection.
Agent-based NAC
The code resides on the network and is deployed to memory for use in a machine requesting connections.
Agentless NAC
Microsoft technology that controls network access of a computer based on its health.
NAP [Network Access Protection]
Technology by Cisco for controlling network admissions.
Cisco NAC [Network Admission Control]
Has TLS replaced SSL?
For the most part, yes. The term SSL will continue to be used for quite some time even though it’s referring to TLS.
Compare and contrast dynamic learning, static learning and sticky learning port security
Dynamic learning allows the switch to learn MAC addresses when devices connect. Static learning is when a specific MAC address is assigned to a port. Sticky learning allows multiple devices on a port, but also stores the learned addresses in memory that persists through reboots.
A technique used to prevent network loops and associated outages.
Loop Prevention
An IT security process and technology that checks and analyzes the integrity of critical assets for signs of tampering or corruption.
Integrity Monitoring
Process of sending multiple virtual local area networks over a single physical link or interface.
VLAN trunking
The current version of the HTML protocol, which was developed to handle the modern web content of audio and video as well as to enhance the ability of a browser to function without add-ins.
HTML5
An intermediary device responsible for funneling traffic through firewalls using a supervised secure channel.
Jump Server
Takes requests from a client system and forwards them to the destination server on behalf of the client. Can be used to filter out undesirable traffic and prevent employees from accessing potentially hostile websites.
Proxy Server
Scanning system that uses AI to detect intrusions and malicious traffic.
Heuristic-based scanning
Uses a database of signatures for known vulnerabilities.
Signature-based scanning
What is the purpose of an HSM?
To manage or store encryption keys.
Having a security perimeter around the network.
Castle-and-moat model
A security model centered on the belief that you should not trust any request without certifying authentication and authorization.
Zero Trust model
What is debsums command used for?
To scan config files and make sure their integrity is intact on the Linux OS.
What is the sfc /scannow command used for?
To scan for file integrity in Windows OS.
A logical implementation of a LAN that allows computers connected to different physical networks to act and communicate as if they were on the same network.
VLAN
How do you configure VLANs?
By using a switch port.
A mechanism that limits the lifespan or lifetime of data in a computer or network.
TTL [Time To Live]
An access control method used to prevent unauthorized network access.
MAC Filtering
When a single host is kept in communication with one server.
Affinity-based Scheduling
A device that distributes network or application traffic across a number of servers.
Load Balancer
Requests are distributed evenly amongst all servers.
Round Robin
If there is more than one DHCP server on the network, which DHCP server does the client use?
The one that reaches the client first.
An Ethernet MAC bridging standard that includes bridging, Spanning Tree Protocol, and other details.
IEEE 802.1d
A networking standard that supports virtual local area networking (VLANs) on an IEEE 802.3 Ethernet network.
IEEE 802.1Q
Provides rapid Spanning Tree reconfiguration capability for MAC bridges.
IEEE 802.1w