Domain 2.1 Install and configure network components, both hardware- and software-based, to support organizational security. Flashcards
Number 1 VPN tunnel in the world
IPSEC
What is a piece of hardware designed to protect one network from another?
Firewall
What does a packet-filtering firewall filter traffic based on?
– Source and Destination IP
– Port Numbers
– Protocols Used
What is another name for a layer 7 firewall?
Application Firewall - Opens and inspects every packet on layer 7 of the OSI model.
Stateful Inspection Firewall
Keeps a state table to track every communication channel.
A list of rules that determine what traffic to block, and what to allow
Access Control List (ACL)
What locally installed security control is used to prevent application-specific protocol and payload attacks?
Application Firewall
A hardware device designed for general network filtering.
– Provides protection for the network.
Network Firewall
_______ firewalls analyze packets on an individual basis against the filtering ACL.
Stateless
Unless some traffic is explicitly allowed, it will be denied.
Implicitly denied
What is a VPN?
A secure tunnel through an unsecured internet.
What does a VPN do?
Secures the private network, using encryption and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted.
VPN concentrator
Gives all the VPNs a label.
Site-to-Site VPN
Site-to-site refers to the connection of separate sites through a VPN.
Remote access VPN
Remote Access refers to connecting single entities or hosts through a VPN.
At what layer of the OSI model does a VPN operate?
Layer 3 - Network layer.
An IPSEC VPN tunnel uses ___ by default.
AES - Advanced Encryption Standard.
What part of the packet does AH encapsulate?
The outside of the packet
What does ESP do?
ESP encapsulates the data inside the packet.
Using a pre-existing VPN tunnel to exchange keys is called ___.
IKE
ISAKMP
A VPN tunnel set up to send symmetric keys across.
IPSEC Tunnel mode
Encrypts the header, payload and footer.
IPSEC Transport mode
Encrypts only the payload of the packets.
What type of tunnel routes all traffic across the tunnel?
A full tunnel
What type of tunnel routes only specific traffic across the tunnel, and routes internet-bound traffic outside of the tunnel?
Split tunnel
What layer of the OSI model does TLS operate on?
Layer 4 - The Transport Layer
Host-based intrusion detection system (HIDS)
An IDS installed on your specific computer.
Network-based intrusion detection system (NIDS)
An IDS on the network, protecting all devices on your network.
What device analyzes data, logs attacks, and notifies you?
Intrusion Detection System