Dion - Security Applications and Devices pg13 Flashcards
What is a Firewall?
An application that protects against unwanted internet traffic.
What are the different firewalls that come with operating systems?
Windows Firewall (Windows)
PF and IPFW (OSX)
iptables (Linux)
What is IDS?
Intrusion Detection System
Device or software that monitors a network and analyzes the data
What are the two types of IDS?
HIDS - Host-based IDS
NIDS - Network-based IDS
What are the three types of detection methods used by an IDS?
Signature based
- Specific string of bytes triggers an alert
Policy based
- Policy rules, such as “No telnet authorized”
Anomaly based
What 4 types of alert exist for an IDS?
True positive
- Malicious activity identified as an attack
False positive
- Legitimate activity identified as an attack
True negative
- Legitimate activity identified as legitimate traffic
False negative
- Malicious activity identified as legitimate traffic
What is the difference between IDS and IPS?
IDS only alerts and logs, IPS also stops activity
What can HIDS logs be used for?
To recreate an attack!
What are Pop-up Blockers?
Browsers block JavaScript that creates pop-ups.
Attackers may get money via pay per click
What is DLP?
Data Loss Prevention
- Monitors data when in use, at rest or in transit.
- Detects attempts to steal data
What is an Endpoint DLP System?
- Software
- Monitors data use on a computer
- Can stop a file transfer or alert admin
What is a Network DLP System?
- Software or hardware
- Installed on perimeter of network to detect data in transit
What is a Storage DLP System?
- Software
- Installed on servers in a datacenter
- Inspects data at rest
What is a Cloud DLP System?
- Cloud software
- Protects data in the cloud
What is the BIOS?
Basic Input Output System
- Firmware with instructions on how a computer should accept input and send output