Chapter 3: Network Technologies and Tools Acronyms and Definitions Flashcards
MAC
Media Access Control
IP
Internet Protocol
TCP
Transmission Control Protocol
Connection-oriented protocol that provides guaranteed delivery
UDP
User Datagram Protocol
Connectionless protocol that provides "best effort" delivery
FTP
File Transfer Protocol
Uploads and downloads files to and from an FTP server.
Transmits data in clear text
TFTP
Trivial File Transfer Protocol
Used to transfer smaller amounts of data, such as when communicating with network devices
SSL
Secure Sockets Layer
Primarily used to secure HTTP traffic as HTTPS
Has been compromised and is not recommended for use
TLS
Transport Layer Security
Replacement for SSL
Secures HTTP traffic as HTTPS
IPsec
Internet Protocol Security
Used to encrypt IP traffic
SSH
Secure Shell
Encrypts data traffic in transit and can be used to encrypt other protocols such as FTP
SCP
Secure Copy
Based on SSH and used to copy encrypted files over a network
SFTP
Secure File Transfer Protocol
Secure implementation of FTP
An extension of Secure Shell, using SSH to transmit the files in an encrypted format
FTPS
File Transfer Protocol Secure
Another secure implementation of FTP.
It uses TLS to encrypt FTP traffic
SMTP
Simple Mail Transfer Protocol
Transfers mail between clients and SMTP servers
SMTPS
Simple Mail Transfer Protocol Secure
Adds TLS encryption
POP3
Post Office Protocol
Transfers emails from servers to end users
IMAP
Internet Message Access Protocol
Used to store email on a mail server; allows you to organize and manage email and folders on the server
HTTP
Hyper Text Transfer Protocol
Transmits web traffic between web servers and browsers
HTTPS
Hyper Text Transfer Protocol Secure
Adds TLS encryption to protect the data
SPF
Sender Policy Framework
Uses DNS records to define which IP addresses are authorized to send emails on behalf of a domain
DKIM
DomainKeys Identified Mail
Uses public key cryptography to sign and verify an email's domain and content
DMARC
Domain-based Message Authentication, Reporting, and Conformance
Builds on top of SPF and DKIM by allowing domain owners to set policies for how to handle emails that fail authentication checks
AD DS
Microsoft Active Directory Domain Services
Database of objects that provides a central access point to manage users, computers, and other directory objects.
LDAP
Lightweight Directory Access Protocol
Specifies the formats and methods used to query directories, such as Microsoft AD DS
LDAPS
Lightweight Directory Access Protocol Secure
Protects LDAP by encrypting data with TLS
RTP
Real-time Transport Protocol
Delivers audio and video over IP networks
VoIP
Voice over Internet Protocol
Used for voice communications, streaming media, video teleconferencing applications, and devices using web-based push-to-talk features
SRTP
Secure Real-time Transport Protocol
Provides encryption, message authentication, and integrity for RTP
SIP
Session Initiation Protocol
Used to initiate, maintain, and terminate voice, video, and messaging sessions.
Uses request and response messages (text) when establishing a session
GPO
Group Policy Object
RDP
Remote Desktop Protocol
Used to connect to other systems from remote locations.
NTP
Network Time Protocol
Most commonly used protocol for time synchronization, allowing systems to synchronize their time to within tens of milliseconds.
DHCP
Dynamic Host Configuration Protocol
Dynamically assigns IP addresses to hosts
Also assigns other TCP/IP information such as subnet mask, default gateway, DNS server addresses, and much more.
ISPs
Internet Service Provider
Companies that provide Internet service
IANA
Internet Assigned Numbers Authority
IETF
Internet Engineering Task Force
DNS
Domain Name System
For domain resolution; resolves hostnames to IP addresses
A
Host Record
A record that holds the host name and IPv4 address; the most commonly used record in a DNS server
AAAA
Record that holds the host name and IPv6 address.
MX
Mail Exchange
A record that identifies a mail server used for mail.
CNAME
Canonical Name or Alias
Allows a single system to have multiple names associated with a single IP address.
SOA
Start of Authority
Records include information about a domain or zone and some of its settings
TTL
Time to Live
A setting used to determine how long to cache DNS results
TTL times are in seconds, and lower times cause clients to renew the records more often.
DNSSEC
Domain Name System Security Extensions
Used to prevent DNS cache poisoning
A suite of extensions to DNS that provides validation for DNS responses.
RRSIG
Resource Record Signature
Referred to as a digital signature; provides data integrity and authentication for DNS replies
RSTP
Rapid Spanning Tree Protocol
Provides both broadcast storm prevention and loop prevention for switches
BPDU
Bridge Protocol Data Unit
Messages that STP sends to detect loops
Edge Port
A switch port connected to a device, such as a computer, server, or printer.
BPDU Guard
Bridge Protocol Data Unit Guard
Monitors the ports for unwanted BPDU messages
ACLs
Access Control Lists
Rules implemented on routers and on firewalls to identify what traffic is allowed and what traffic is denied.
Implicit Deny
Dictates that all traffic that isn't explicitly allowed is explicitly denied
Route Command
A command used to display or modify a system's routing table on both Windows and Linux systems.
SNMP
Simple Network Management Protocol
Monitors and manages network devices such as routers or switches
SNMPv3 Encrypts credentials before sending them over the wire.
Firewall
Filters incoming and outgoing traffic for a single host or between networks
Host-based Firewall
Monitors traffic going in and out of a single host, such as a server or workstation; monitors traffic passing through the NIC
Network-Based Firewall
Protects an entire network; usually a network appliance, meaning it is sold as a hardware unit that already contains all of the software necessary to run as a firewall.
Stateless Firewalls
Use rules implemented in access control lists to identify allowed and blocked traffic
Treat each network packet they see as a new event and don't track any information
Stateful Firewall
Inspects traffic and makes decisions based on the traffic context or state, keeping track of established sessions. Inspects traffic based on its state within a session and blocks traffic that isn't part of an established session.
WAF
Web Application Firewall
A firewall specifically designed to protect a web application, usually placed between the web server and the web server clients.
NGFW
Next-Generation Firewall
An advanced firewall that performs deep packet inspection, adding application-level inspection as a core feature.
Fail-open
The system allows everything to pass through the system when it fails
Fail-closed
A system allows nothing to pass through the system when it fails
Intranet
An intranet is an internal network
Used by people to communicate and share content with each other
Extranet
Part of a network that can be accessed by authorized entities from outside of the network
DMZ
Demilitarized Zone
Also known as a screened subnet; a security zone between a private network and the Internet, providing a layer of protection for Internet-facing servers while allowing clients to connect to them.
CA
Certificate Authority
NAT
Network Address Translation
A protocol that translates public IP addresses to private IP addresses and private IP addresses back to public
PAT
Port Address Translation
A commonly used form of NAT.
Static NAT
Static Network Address Translation
Uses a single public IP address in a one-to-one mapping
Dynamic NAT
Dynamic Network Address Translation
Uses multiple public IP addresses in a one-to-many mapping and decides which public IP address to use based on load.
SCADA
Supervisory Control and Data Acquisition
Air Gap
A gap of air between an isolated system and other systems.
VLAN
Virtual Local Area Network
Used by switches to segment traffic between logical groups of users or computers
Proxy Server
Used to forward requests for services on behalf of clients; can also improve performance by caching content, and some proxy servers can restrict users' access to inappropriate websites by filtering content.
Content Filtering
Allows organizations to create block rules that restrict web use.
Reverse Proxy
Accepts requests from the Internet, typically for a single web server. It appears to clients as a web server, but forwards the requests to the web server and serves the pages returned by the web server.
UTM
Unified Threat Management
A single solution that combines multiple security controls
Goal is to provide better security while also simplifying management requirements
Jump Server
Aka Jump Box
A hardened server used to access and manage devices in a different security zone
ZTNA
Zero Trust Network Access
A philosophy whose end goal is to achieve threat scope reduction, decreasing the risk to the organization.
PEP
Policy Enforcement Point
A system used in a zero-trust environment when a user or system wants to access a resource.
Control Plane
A network where communications are used to control and configure the network.
Data Plane
Communications used by end users and software to communicate with each other take place here.
PE
Policy Engine
Decides whether to grant access to a resource for a given subject
PA
Policy Administrator
Responsible for communicating the decisions made by the PE to the tools on the network
PDP
Policy Decision Point
PE and PA together
3 Data Plane Components
Subject
System
Enterprise Resource
SASE
Secure Access Service Edge
Builds on Zero Trust
• Firewall services
• Secure web gateway
• Anti-malware
• Intrusion Prevention Services
• Cloud access service broker (CASB)
• Data Loss Prevention (DLP)
OSI MODEL
Physical, Data Link, Network, Transport, Session, Presentation, Application.
(Please Do Not Throw Sausage Pizza Away)