Devices and Infrastructure Flashcards
Access control list (ACL)
Data file that specifies whether a user has access to a specific resource on a computer or network
ACL
access control list
Access point (AP)
The point at which access to a network is accomplished
AP
access point
Active response
A response generated in real time
Alarm
A notification that an unusual condition exists and should be investigated
Alert
An indication that an unusual condition COULD exist and should be investigated
All-in-one
An appliance that performs multiple functions
Analyzer
The component or process that analyzes the data collected by the sensor
Anomalies
Variations from normal operations
Anomaly-detection intrusion detection system (AD-IDS)
Works by looking for deviations from a pattern of normal network traffic
AD-IDS
anomaly-detection intrusion detection system
Application-level proxy
A device or software that recognizes application-specific commands and offers gradual control over them
Authentication header (AH)
An IPSec header used to provide connectionless integrity and data origin authentication; provides protection against replays
AH
authentication header
Compensating controls
Gap controls that fill in the coverage between the other types of vulnerability mitigation techniques
“Where there are holes in coverage, we compensate for them”
Data loss prevention (DLP)
Any systems that monitor and protect data to prevent it from unauthorized use, modification, or destruction
DLP
data loss prevention
Encapsulating Security Payload (ESP)
IPSec header used to provide a mix of security services in IPv4 and IPv6; can be used with IP authentication header (AH)
ESP
encapsulating security payload
Encapsulation
The process of enclosing data in a packet
Host-based IDS (HIDS)
An intrusion detection system that is host based (as opposed to network based)
HIDS
host-based intrusion detection system
Hardware security module (HSM)
A software or stand-alone appliance used to enhance security; commonly used with PKI systems
Implicit deny
A condition that states that unless otherwise given, the permission will be denied
Internet Protocol Security (IPSec)
A set of protocols that enable encryption, authentication, and integrity over IP; commonly used with VPN
HSM
hardware security module
IPSec
Internet Protocol Security
Key management
Management of all aspects of cryptographic keys in a cryptosystem (key generation, storage, etc.)
Load balancing
Dividing a load for greater efficiency of management among multiple devices
Network access control (NAC)
The set of standards defined by the network for clients attempting to access it
NAC
network access control
Network intrusion prevention systems (NIPS)
An intrusion prevention system that is network based
NIPS
network intrusion prevention system
Network-based IDS (NIDS)
An approach to an intrusion detection system; placed at a point in the network where it can monitor and report on all network traffic
Passive response
A nonactive response
Ex: logging, monitoring, etc.
NIDS
network-based intrusion detection system
Proxy
A type of system that prevents direct communication between a client and a host by acting as an intermediary
Proxy firewall
A proxy server that also acts as a firewall, blocking network access from external networks
Secure Sockets Layer (SSL)
A protocol that secures messages by operating between the Application layer (HTTP) and the Transport layer
SSL
Secure Sockets Layer
SIEM
Security Information and Event Management
Security Information and Event Management (SIEM)
Combines security information management (SIM) and security event management (SEM) functions to provide real-time analysis of security alerts
Signature-based system
A system that acts based on the digital signature it sees and offers no repudiation to increase the integrity of a message
SSID broadcast
An access point’s broadcasting of the network name
Switch
A network device that can replace a router in a local network