Chapter 3 - Understanding Devices and Infrastructure Flashcards

1
Q

Rene

What does the TCP 3-way handshake consist of?

A

page 86

SYN > SYN/ACK > ACK

2
Q

Rene

What are APIs?

A

page 86
Application Programming Interfaces
Allows programmers to create interfaces to the protocol suite

3
Q

Rene

What ports does iSCSI use?

A

page 87
Internet Small Computer Systems Interface
Uses ports 860 and 3260 by default for allowing data storage and transfers across the existing network

4
Q

Rene

When designing a security topology, what are the 7 common elements to consider?

A

page 87

  • DMZs
  • Subnetting
  • VLANs
  • Remote Access
  • NAT
  • Telephony
  • NACs
5
Q

Rene

What are the two reasons subnetting is implemented?

A

page 89

  • To use IP addresses more effectively
  • To make the network more secure and manageable.
6
Q

Rene

What tunneling protocol supports encapsulation in a single point-to-point environment?

A

page 90
Point-to-Point Tunneling Protocol (PPTP)
Uses port 1723

7
Q

Rene

Which tunneling protocol is a hybrid of PPTP and L2F?

A

page 91
Layer 2 Tunneling Protocol (L2TP)
It’s primarily a Point-to-Point protocol and supports multiple network protocols and can be used in networks besides TCP/IP.

8
Q

Rene

What is IPSec?

A

page 91
IPSec is not a tunneling protocol, but it is used in conjunction with tunneling protocols. IPSec provides secure authentication and encryption of data and headers; this makes it a good choice for security.

9
Q

Rene

What acts as a proxy between the local area network, and creates a unique opportunity to assist in the security of a network?

A

page 93

Network Address Translation (NAT)

10
Q

Rene

What are the private address ranges?

A

page 93

  1. 10.0.0.0 to 10.255.255.255
  2. 172.16.0.0 to 172.31.255.255
  3. 192.168.0.0 to 192.168.255.255
11
Q

Rene

What do packet filter firewalls do?

A

page 97
They pass or block traffic to specific addresses based on the type of application.
They don't analyze the data of a packet; they decide whether to pass it based on the packet's addressing information.

12
Q

Rene

How many NICs does a proxy firewall typically use?

A

page 99

Two, referred to as a dual-homed firewall

13
Q

Rene

Anytime you have a system that is configured with more than one IP address, it can be said to be ____?

A

page 99

Multi-homed

14
Q

Rene

What type of proxy function reads the individual commands of the protocols that are being served?

A

page 99

Application-Level

15
Q

Rene

What type of proxy function creates a circuit between the client and the server and doesn’t deal with the contents of the packets that are being processed?

A

page 99

Circuit-Level

16
Q

Rene

What splits the traffic intended for a website into individual requests that are then rotated to redundant servers as they become available and shift a load from one device to another?

A

page 103

Load Balancer

17
Q

Rene

What are IDS and how can they be utilized?

A

page 105
Software that runs either on individual workstations or on network devices to monitor and track network activity.

It can be configured to act as a burglar alarm.

18
Q

Rene

What are several key terms associated with IDS?

A

page 107
  • Activity
  • Administrator
  • Alert
  • Analyzer
  • Data Source
  • Event
  • Manager
  • Notification
  • Operator
  • Sensor

19
Q

Rene

What are the four primary approaches of IDS?

A
page 109
Behavior-Based-Detection IDS
Signature-Based-Detection IDS
Anomaly-Based-Detection IDS
Heuristic IDS
20
Q

Rene

What attaches the system to a point in the network where it can monitor and report on all traffic, and can be in front of or behind the firewall?

A

page 111

Network-Based IDS (NIDS)

21
Q

Rene

What is the most common type of response to many intrusions and in general the easiest to develop and implement?

A

page 113

Passive Response

22
Q

Rene

What are three types of passive response strategies?

A

page 113
Logging
Notification
Shunning

23
Q

Rene

What are three types of active response strategies?

A

page 113
Terminating Processes or Sessions
Network Configuration Changes
Deception

24
Q

Rene

What are HIDS?

A

page 116
Host-based IDS
Are designed to run as software on a host computer system

25
Q

Rene

What TWO major problems with HIDS aren’t easily overcome?

A

page 117

  • 1st problem involves a compromise of the system.
  • 2nd problem is that it must be deployed on each system that needs it.