Chapter 2: Monitoring and Diagnosing Networks Flashcards
A network segment between two firewalls. One is outward facing, connected to the outside world, the other inward facing, connected to the internal network. Public-facing servers, such as web servers, are often placed in the DMZ.
Demilitarized Zone
A network that functions in the same manner as a honeypot.
Honeynet
A fake system designed to divert attackers from your real systems. It is often replete with logging and tracking to gather evidence.
Honeypot
A broad term that applies to a wide range of systems used to manage information security.
Information Security Management System (ISMS)
A system that monitors the network for possible intrusions and logs that activity.
Intrusion Detection System (IDS)
A system that monitors the network for possible intrusions and logs that activity and then blocks the traffic that is suspected of being an attack.
Intrusion Prevention System (IPS)
Any information that could identify a particular individual.
Personally Identifiable Information (PII)
The entire network, including all security devices, is virtualized.
Software-Defined Network (SDN)
A firewall that not only examines each packet but also remembers the recent previous packets.
Stateful Packet Inspection (SPI)
Specifies the requirements for establishing, implementing, maintaining, and continually improving an information security management system within the context of the organization.
ISO/IEC 27001:2013
Recommends best practices for initiating, implementing, and maintaining information security management systems.
ISO 27002
This an agreement on shared or divided security responsibilities between the customer and cloud provider.
CLD.6.3.1
This control addresses how assets are returned or removed from the cloud when the contract is terminated.
CLD.8.1.5
This control states that the cloud provider must separate the customers’ virtual environment from other customers or outside parties.
CLD.9.5.1
This control states that the customer and the cloud provider both must ensure the virtual machines are hardened.
CLD.9.5.2
It is solely the customer’s responsibility to define and manage administrative operations.
CLD.12.1.5