Chapter 7 - Administering A Secure Network

Question 1

Simple network management protocol (SNMP)

Answer 1

A TCP/IP protocol that exchanges management information between networked devices. It allows network administrators to remotely monitor, manage, and configure devices in the network.

Question 2

Domain name system security extensions (DNSSEC)

Answer 2

An extension to DNS that adds additional resource records and message header information, used to verify that DNS data has not been altered in transmission.

Question 3

File transfer protocol (FTP)

Answer 3

An unsecure TCP/IP protocol that is commonly used for transferring files.

Question 4

FTP Secure (FTPS)

Answer 4

A TCP/IP protocol that uses Secure Sockets Layer or Transport Layer Security to encrypt commands sent over the control port (port 21) in an FTP session.

Question 5

Secure FTP (SFTP)

Answer 5

A secure TCP/IP protocol that is used for transporting files by encrypting and compressing all data and commands.

Question 6

SSL/TLS accelerator

Answer 6

A separate hardware card that inserts into a web server that contains one or more co-processors to handle SSL/TLS processing.

Question 7

Port mirroring

Answer 7

A facility that allows the administrator to configure a switch to copy traffic that occurs on some or all ports to a designated monitoring port on the switch.

Question 8

Network tap (test access point)

Answer 8

A separate device that can be installed on the network for monitoring traffic.

Question 9

Aggregation switch

Answer 9

A device used to combine multiple network connections with not a single link.

Question 10

Correlation engine

Answer 10

A device that aggregates and correlates content from different sources to uncover an attack.

Question 11

DDoS mitigator

Answer 11

A hardware device that identifies and blocks real-time distributed denial of service (DDoS) attacks.

Question 12

Log

Answer 12

A record of events that occur.

Question 13

Data execution prevention (DEP)

Answer 13

A Microsoft Windows feature that prevents attackers from using buffer overflow to execute malware.

Question 14

File integrity check (FIC)

Answer 14

A service that can monitor any changes made to computer files.

Question 15

Application whitelisting

Answer 15

An inventory of applications and associated components (libraries, configuration files, etc.) that have been pre-approved and authorized to be active and present in the device.

Question 16

Removable media control

Answer 16

Tools that can be used to restrict which removable media, such as USB flash drives, can be attached to a system.

Question 17

Advanced malware management

Answer 17

A third-party service that monitors a network for any unusual activity.

Question 18

Virtualization

Answer 18

A means of managing and presenting computer resources by function without regard to their physical layout or location.

Question 19

Hypervisor

Answer 19

Software that manages virtual machine operating systems.

Question 20

Type I hypervisor

Answer 20

A virtual machine management program that runs directly on the computer’s hardware instead of the host operating system.

Question 21

Type II hypervisor

Answer 21

A virtual machine management program that runs on the host operating system.

Question 22

Container (or application cell)

Answer 22

A virtualization environment that holds only the necessary operating system components (such as binary files and libraries) that are needed for a specific application to run.

Question 23

Virtual desktop infrastructure (VDI)

Answer 23

The process of running a user desktop inside a virtual machine that resides on a server for storing sensitive applications and data on a remote server that is accessed through a smartphone.

Question 24

Virtual distributed Ethernet (VDE)

Answer 24

An Ethernet-compliant virtual network that can connect physical computers and/or virtual machines together.

Question 25

Virtual machine escape protection

Answer 25

A security protection that prevents a virtual machine from directly interacting with the host operating system.

Question 26

Virtual machine sprawl

Answer 26

The widespread proliferation of virtual machines without proper oversight or management.

Question 27

Cloud computing

Answer 27

A pay-per-use computing model in which customers pay only for the online computing resources that they need, and the resources can be easily scaled.

Question 28

Public cloud

Answer 28

A cloud in which the services and infrastructure are offered to all users with access provided remotely through the internet.

Question 29

Community cloud

Answer 29

A cloud that is open only to specific organizations that have common concerns.

Question 30

Private cloud

Answer 30

A cloud that is created and maintained on a private network.

Question 31

Hybrid cloud

Answer 31

A combination of public and private clouds.

Question 32

Cloud storage

Answer 32

A cloud system that has no computational capabilities but provides remote file storage.

Question 33

Software as a service (SaaS)

Answer 33

A model of cloud computing in which the vendor provides access to the vendors software applications running on a cloud infrastructure.

Question 34

Platform as a service (PaaS)

Answer 34

A cloud service in which consumers can install and run their own specialized applications on the cloud computing network.

Question 35

Infrastructure as a service (IaaS)

Answer 35

A cloud computing model in which customers have the highest level of control and can deploy and run their own software.

Question 36

Security as a service (SECaaS)

Answer 36

A cloud model in which all security services are delivered from the cloud to the enterprise.

Question 37

Cloud access security broker (CASB)

Answer 37

A set of software tools or services that resides between the enterprises’ on premises infrastructure and the cloud providers infrastructure to ensure that the security policies of the enterprise extend to their data in the cloud.

Question 38

Software defined network (SDN)

Answer 38

Software that virtualizes part of the physical network so that it can be more quickly and easily reconfigured.