Brainscape's Knowledge GenomeTM


Top Flashcards (Certified)
All Flashcards

Network Security > Chapter 2 > Flashcards

Chapter 2 Flashcards

1
Q

Agent

A

A malicious software program distributed by a hacker to take over control of a victim’s computers. Also known as a bot or a zombie. Agents are commonly used to construct botnets.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Annualized loss expectancy (ALE)

A

The calculation of the total loss potential across a year for a given asset and a specific threat. ALE calculations are part of risk assessment. ALE SLE ARO.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Annualized rate of occurrence (ARO)

A

A probability prediction based on statistics and historical occurrences on the likelihood of how many times in the next year is a threat going to cause harm. ARO is used in the ALE calculation.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Appliance firewall

A

A hardened hardware firewall.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Application layer (Layer 7)

A

The top or seventh layer of the OSI model. This layer is responsible for enabling communications with host software, including the operating system. The Application Layer is the interface between host software and the network protocol stack. The sub-protocols of this layer support specific applications or types of data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Application firewall

A

A type of firewall that filters on a specific application’s content and session information.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Application gateway

A

A type of firewall that filters on a specific application’s content and session information.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Application proxy

A

A type of firewall that filters on a specific application’s content and session information.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Asset value (AV)

A

The cumulative value of an asset based on both tangible and intangible values. AV supports the SLE calculation.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Bastion host

A

A firewall positioned at the initial entry point where a network interfaces with the Internet. It serves as the first line of defense for the network. Also known as a sacrificial host.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Border sentry

A

A description often applied to firewalls positioned on network zone transitions or gateway locations.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Botnet

A

A network of zombie/bot/agent– compromised systems controlled by a hacker. The network consists of the bots, agents, or zombies that intercommunicate over the Internet.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Bots

A

Malicious software programs distributed by hackers to take over control of victims’ computers. Also known as agents or zombies. Bots are commonly used to construct botnets.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Bump-in-the-stack

A

A term for a firewall that is implemented via software.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Bump-in-the-wire

A

A term for a firewall that is a separate hardware implementation.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Circuit

A

A logical connection between a client and a resource server. May exist at Layer 3, 4, or 5 of the OSI model. Also known as a session or a state.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Circuit firewall

A

A filtering device that allows or denies the initial creation of a circuit, session, or state, but performs no subsequent filtering on the circuit once established.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Circuit proxy

A

A filtering device that allows or denies the initial creation of a circuit, session, or state, but performs no subsequent filtering on the circuit once established.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Closed source

A

A type of software product that is pre-compiled and whose source code is undisclosed.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Commercial firewall

A

A firewall product designed for larger networks. Usually a commercial firewall is a hardware device.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Content filtering

A

A form of filtering that focuses on traffic content. Application proxies perform most content filtering.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Cost/benefit analysis

A

The final equation of risk analysis to assess the relative benefit of a counter-measure against the potential annual loss of a given asset exposed to a specific threat.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Data link layer (Layer 2)

A

The second layer of the OSI model responsible for physical addressing (MAC addresses) and supporting the network topology, such as Ethernet.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Dead-man switch

A

A form of auto-initiation switch that triggers when the ongoing prevention mechanism fails. Common dead-man switches include firewalls and hand grenades. If the firewall stops functioning, the connection is severed. If a person dies while holding a live grenade, the safety latch opens and the grenade explodes.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
De-encapsulation
The action of processing the contents of a header, removing that header, and sending the remaining payload up to the appropriate protocol in the next higher layer in the OSI model.
26
Dual-homed firewall
A firewall that has two network interfaces. Each network interface is located in a unique network segment. This allows for true isolation of the segments and forces the firewall to filter all traffic moving from one segment to another.
27
Dynamic packet filtering
The process of auto-matically created temporary filters. In most cases, the filters allow inbound responses to previous outbound requests. Also called stateful inspection.
28
Exposure factor
The potential amount of harm from a specific threat stated as a percentage. Used in the calculation of SLE.
29
Fail-safe/Fail-secure
A failure response resulting in a secured or safe level of access or communication.
30
Frame
The collection of data at the Data Link Layer (Layer 2) of the OSI model, defined by the Ethernet IEEE 802.3 standard, that consists of a payload from the Network Layer (Layer 3) to which an Ethernet header and footer have been attached.
31
Gateway
An entrance or exit point to a controlled space. A firewall is often positioned at a gateway of a network to block unwanted traffic.
32
Hardware address
The physical address assigned to a network interface by the manufacturer. Also known as the MAC address.
33
Hardware firewall
An appliance firewall. A hardened computer product that hosts firewall software exclusively.
34
Header
The additional data added to the front of a payload at each layer of the OSI model that includes layer-specific information.
35
Host firewall
A software firewall installed on a client or server.
36
Intangible costs and value
Costs or values not directly related to budgetary funds. They can include but are not limited to research and development, marketing edge, competition value, first to market, intellectual property, public opinion, quality of service, name recognition, repeat customers, loyalty, honesty, dependability, assurance, reliability, trademarks, patents, privacy, and so on.
37
Internet COntrol Message Protocol (ICMP)
A commonly used protocol found in the Network Layer (Layer 3). ICMP rides as the payload of an IP packet. ICMP supports network health and testing. Commonly abused by hackers for flooding and probing attacks.
38
IP address
The temporary logical address assigned to hosts on a network. An IP address is managed and controlled at the Network Layer (Layer 3) of the OSI model by IP (Internet Protocol). IPv4 addresses are 32-bit addresses presented in human-friendly dotted-decimal notation. IPv6 addresses are 128-bit address presented in a special hexadecimal grouping format.
39
Load Balancer
A system or device (hardware or software) that takes the load coming into a set of servers and ensure that the load is balanced between or among the servers.
40
Logical address
A temporarily assigned address given to a host. IP address is a common example of a logical address. Most logical addresses exist at the Network Layer (Layer 3) of the OSI model.
41
Network Layer (layer 3)
The third layer of the OSI model. This layer is responsible for logical addressing (IP addresses) and routing traffic.
42
Open source
A type of software product that may or may not be pre-compiled and whose source code is freely disclosed and available for review and modification.
43
Packet
The collection of data at the Network Layer (Layer 3) of the OSI model. It consists of the payload from the Transport Layer (Layer 4) above and the Network Layer header. IP packets are a common example.
44
Payload
The non-header component of a PDU/ segment/packet/frame. The payload is the data received from the layer above that includes the above layer's header and its payload.
45
Personal firewall
Typically a software host firewall installed on a home computer or network client. Can also refer to SOHO hardware firewalls such as those found on DSL and cable modems and wireless access points.
46
Physical address
The hardware address assigned to a network interface by the manufacturer. Also known as the MAC address.
47
Physical Layer (layer 1)
The bottom or first layer of the OSI model. This layer converts data into transmitted bits over the physical network medium.
48
Port forwarding
The function of routing traffic from an external source received on a specific pre-defined IP address and port combination (also known as a socket) to an internal resource server. Also known as reverse proxy and static NAT.
49
Port number
The addressing scheme used at the Transport Layer (Layer 4) of the OSI model. There are 65,535 ports, each of which can in theory support a single simultaneous communication.
50
Presentation layer (Layer 6)
The sixth layer of the OSI model translates the data received from host software into a format acceptable to the network. This layer also performs this task in reverse for data coming from the network to host software.
51
Public key infrastructure (PKI)
A combination of several cryptographic components to create a real-world solution that provides secure communications, storage, and identification services. Commonly uses symmetric encryption, asymmetric/public key encryption, hashing, and digital certificates. In most cases, when PKI refers to authentication, digital certificates are used as credentials.
52
Reverse proxy
The function of routing traffic from an external source received on a specific pre-defined IP address and port combination (also known as a socket) to an internal resource server. Also known as port forwarding and static network address translation (NAT).
53
risk assessment
Risk assessment is the process of examining values, threat levels, likelihoods, and total cost of compromise versus the value of the resource and the cost of the protection. This involves the use of values and calculations, such as AV, EF, SLE, ARO, ALE, and the cost/benefit equation.
54
risk management
Performing risk assessment, and then acting on the results to reduce or mitigate risk. Often risk assessment establishes a new security policy and then aids in revising it over time.
55
rule set
The list of rules on a firewall (or router or switch) that determine what traffic is and is not allowed to cross the filtering device. Most rule sets employ a first-match-apply-action process.
56
rule
A written expression of an item of concern (protocol, port, service, application, user, IP address) and one or more actions to take when the item of concern appears in traffic. Also known as a filter or ACL.
57
sacrificial host
A firewall positioned at the initial entry point where a network interfaces with the Internet serving as the first line of defense for the network. Also known as a bastion host.
58
Screening router
A router that can perform basic static packet filtering services in addition to routing functions. A screening router is the predecessor of modern firewalls.
59
Secure Sockets Layer (SSL)
A security protocol that operates at the top of the Transport Layer (Layer 4) and resides as the payload of a TCP session. Netscape designed SSL in 1997 for secure Web e-commerce, but it can encrypt any traffic above the Transport Layer. It uses public key certificates to identify the endpoints of session and uses symmetric encryption to protect transferred data. SSL v3.0 is the last version of SSL; TLS is replacing SSL.
60
Segment
The collection of data at the Transport Layer (Layer 4) of the OSI model. It consists of the payload from the Session Layer (Layer 5) above and the Transport Layer header. TCP segments are a common example. (Note: UDP segments are called datagrams as they are connectionless, rather than connection-oriented).
61
Session
A logical connection between a client and a resource server. May exist at Layer 3, 4, or 5 of the OSI model. Also known as a circuit or a state.
62
Session Layer (layer 5)
The fifth layer of the OSI model. This layer manages the communication channel, known as a session, between the endpoints of the network communication. A single transport layer connection between two systems can support multiple simultaneous sessions.
63
Single Loss expectancy (SLE)
The calculation of the loss potential across of a single incident for a given asset and a specific threat. SLE calculations are part of risk assessment. SLE AV EF.
64
Socket
The combination of an IP address and a port number as a complete address.
65
Software Firewall
A host firewall installed on a client or server.
66
Spoofing
The falsification of information. Often spoofing is the attempt to hide the true identity of a user or the true origin of a communication.
67
State
A logical connection between a client and a resource server. May exist at Layer 3, 4, or 5 of the OSI model. Also known as a session or a circuit.
68
Stateful inspection
The process of automatically tracking sessions or states to allow inbound responses to previous outbound requests. Also called dynamic packet filtering.
69
Static NAT
The static coding of a translation pathway across a NAT service. Also known as port forwarding and reverse proxy.
70
Static packet filtering
A method of filtering using a static or fixed set of rules to filter network traffic. The rules can focus on source or destination IP address, source or destination port number, IP header protocol field value, ICMP types, fragmentation flags, and IP options. Static packet filtering is therefore mainly focused on the Network Layer (Layer 3), but can also include Transport Layer (Layer 4) elements. Static packet filtering focuses on header contents and does not examine the payload of packets or segments.
71
Tangible Costs and Value
Costs or values directly related to budgetary funds. They can include, but are not limited to: purchase, license, maintenance, management, administration, support, utilities, training, troubleshooting, hardware, software, updates/upgrades, and so forth.
72
Transmission Control Protocol (TCP)
The connec-tion-oriented protocol operating at the Transport Layer (Layer 4) of the OSI model.
73
Transport Layer (Layer 4)
The fourth layer of the OSI model. This layer formats and handles data transportation. This transportation is independent of and transparent to the application.
74
Transport Layer security (TLS)
A security protocol that operates at the top of the Transport Layer (Layer 4) and resides as the payload of a TCP session. It uses public key certificates to identify the endpoints of session and uses symmetric encryption to protect transferred data. TLS 1.0 is the replacement for SSL 3.0.
75
Transport mode encryption
A form of encryption also known as point-to-point or host-to-host encryption. Transport mode encryption protects only the payload of traffic and leaves the header in plain-text original form.
76
triple-homed firewall
A firewall that has three network interfaces. Each network interface is located in a unique network segment. This allows for true isolation of the segments and forces the firewall to filter all traffic traversing from one segment to another.
77
tunnel mode encryption
A form of encryption also known as site-to-site, LAN-to-LAN, gateway-to-gateway, host-to-LAN, and remote access encryption. Tunnel mode encryption performs a complete encapsulation of the original traffic into a new tunneling protocol. The entire original header and payload are encrypted and a temporary link or tunnel header guides the data across the intermediary network.
78
User Datagram Protocol (UDP)
The connectionless protocol operating at the Transport Layer (Layer 4) of the OSI model.
79
Zombie
A malicious software program distributed by a hacker to take over control of a victim's computer. Also known as a bot or an agent. Zombies are commonly used to construct botnets (or zombie armies).
80
Zone of risk
Any segment, subnet, network, or collection of networks that represent a certain level of risk. The higher the risk, the higher the security need to protect against that risk. The less the risk of a zone, the lower security need because fewer threats exist or existing threats are less harmful. The flip side of risk zones is zones of trust.
81
Zone of trust
Any segment, subnet, network, or collection of networks that represent a certain level of trust. Highly trusted zones require less security, while low trusted zones require more security. The flip side of trust zones is zones of risk.

Network Security (4 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions