Domain 4 Flashcards
Network Security
two or more computers linked together to share data, information or resources
A network
A local area network (LAN) is
a network typically spanning a single floor or building. This is commonly a limited geographical area
Wide area network (WAN) is
the long-distance connections between geographically remote networks
used to connect multiple devices in a network. They are wired devices and are not as smart as switches or routers
Hubs are
a network device used to filter traffic
A firewall
wired devices that know the addresses of the devices connected to them and route traffic to that port/device rather than retransmitting to all devices. They are smarter than hubs, but not as smart as routers
Switches are
A server is
a computer that provides information to other computers on a network
Routers are used to
control traffic flow on networks and are often used to connect similar networks and control traffic flow between them. They determine the most efficient “route” for the traffic to flow across the network
Endpoints are
the ends of a network communication link. One end is often at a server where a resource resides, and the other end is often a client making a request to use a network resource
Ethernet is
a standard that defines wired connections of networked devices. This standard defines the way data is formatted over the wire to ensure disparate devices can communicate over the same cables
Every network device is assigned a
Media Access Control (MAC) address
What connects all devices behind the firewall in a small business network?
What is a potential drawback associated with the freedom provided by wireless networking?
Additional vulnerabilities
What does micro-segmentation aid in protecting against?
Polymorphic tool sets
An intrusion occurs
when an attacker is able to bypass or thwart security mechanisms and gain access to an organization’s resources
Intrusion detection is
a specific form of monitoring that monitors recorded information and real-time events to detect abnormal activity indicating a potential incident or intrusion
What term describes a portion of the organization’s network that interfaces directly with the outside world and typically has more security controls and restrictions compared to the rest of the internal IT environment?
Demilitarized zone (DMZ)
What is a potential alternative to expensive dedicated point-to-point connections?
How does a Web Application Firewall (WAF) function in a network?
It monitors all traffic from the outside for malicious behavior before passing commands to a web server
What is the primary purpose of Virtual Local Area Networks (VLANs)?
Consolidate traffic across multiple switch ports
VLANs allow network administrators to use switches to create software-based LAN segments, consolidating traffic across multiple switch ports.
Which of the following tools can be used to grant remote users access to the internal IT environment?
VPN (virtual private network)
A VPN allows external users to gain access to the internal environment securely.
What might a user typically need to acknowledge before being allowed to access the internet in a hotel network?
Acceptable use policy
How are VLANs used in Network Access Control (NAC) systems?
VLANs control whether devices connect to the corporate network or a guest network
What is the function of transfer switches or transformers in a redundant power system?
Enable seamless transition between power sources
In a scenario requiring full redundancy, what should devices have in terms of power supplies?
Two power supplies connected to diverse sources
Why is an abnormal system shutdown in a data center a concern?
It may result in the loss or corruption of data
What is network monitoring or sniffing?
Monitoring traffic patterns to obtain information about a network
What is the purpose of the three-way handshake in networking?
Synchronizing and acknowledging requests
What is the three-way handshake?
SYN, SYN-ACK, ACK
request to establish connection, acknowledgment, acknowledge the connection
Well-known ports
Ports 0-1023, related to the common protocols that are at the core of the Transport Control Protocol/Internet Protocol (TCP/IP) model, Domain Name Service (DNS), Simple Mail Transfer Protocol (SMTP), etc.
Registered ports
Ports 1024-49151, often associated with proprietary applications from vendors and developers. While they are officially approved by the Internet Assigned Numbers Authority (IANA), in practice many vendors simply implement a port of their choosing. Examples include Remote Authentication Dial-In User Service (RADIUS) authentication (1812), Microsoft SQL Server (1433/1434) and the Docker REST API (2375/2376)
Dynamic or private ports
Ports 49151 - 65535. Whenever a service is requested that is associated with well-known or registered ports, those services will respond with a dynamic port that is used for that session and then released.
What are well-known ports (0-1023) associated with?
Common protocols at the core of TCP/IP
What is resource pooling in the context of cloud computing?
What is a cloud arrangement in which the provider owns and manages the hardware, operating system, and applications in the cloud, while the customer retains ownership of the data?
What is one of the services offered by many MSPs, where they monitor firewalls and other security tools to provide expertise in triaging events?
Managed Detection and Response (MDR) Service
Which cloud computing model allows an enterprise to scale up new software or data-based services/solutions quickly without massive hardware installation?
Which organization’s definition of cloud computing is commonly used globally?
National Institute of Standards and Technology (NIST)
What is the main purpose of an SLA?
To document specific parameters and minimum service levels
What distinguishes Memoranda of Understanding (MOU) or Memoranda of Agreement (MOA) from Service Level Agreements (SLA)?
MOUs/MOAs are more directly related to what can be done with a system or information, while SLAs specify more intricate aspects of services
Application programming interface (API)
A set of routines, standards, protocols, and tools for building software applications to access a web-based software application or web tool.
Byte
The byte is a unit of digital information that most commonly consists of eight bits.
Encapsulation
Enforcement of data hiding and code hiding during all phases of software development and operational use. Bundling together data and methods is the process of encapsulation; its opposite process may be called unpacking, revealing, or using other terms. Also used to refer to taking any set of data and packaging it or hiding it in another data structure, as is common in network protocols and encryption.
Domain Name Service (DNS)
This acronym can be applied to three interrelated elements: a service, a physical server and a network protocol.
File Transfer Protocol (FTP)
The internet protocol (and program) used to transfer files between hosts.
Fragment attack
In a fragment attack, an attacker fragments traffic in such a way that a system is unable to put data packets back together.
Infrastructure as a Service (IaaS)
The provider of the core computing, storage and network hardware and software that is the foundation upon which organizations can build and then deploy applications. IaaS is popular in the data center where software and servers are purchased as a fully outsourced service and usually billed on usage and how much of the resource is used.
Internet Control Message Protocol (ICMP)
Internet Protocol (IPv4)
Standard protocol for transmission of data from source to destinations in packet-switched communications networks and interconnected systems of such networks
Man-in-the-Middle
An attack where the adversary positions himself in between the user and the system so that he can intercept and alter data traveling between them.
Microsegmentation
Part of a zero-trust strategy that breaks LANs into very small, highly localized zones using firewalls or similar technologies. At the limit, this places a firewall at every connection point.
Packet
Representation of data at Layer 3 of the Open Systems Interconnection (OSI) model.
Payload
The primary action of a malicious code attack.
Platform as a Service (PaaS)
The web-authoring or application development middleware environment that allows applications to be built in the cloud before they’re deployed as SaaS assets.
Payment Card Industry Data Security Standard (PCI DSS)
An information security standard administered by the Payment Card Industry Security Standards Council that applies to merchants and service providers who process credit or debit card transactions.
Simple Mail Transport Protocol (SMTP)
The standard communication protocol for sending and receiving emails between senders and receivers.
Software as a Service (SaaS)
The cloud customer uses the cloud provider’s applications running within a cloud infrastructure. The applications are accessible from various client devices through either a thin client interface, such as a web browser or a program interface. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, storage, or even individual application capabilities, with the possible exception of limited user-specific application configuration settings
Spoofing
Faking the sending address of a transmission to gain illegal entry into a secure system
VLAN
A virtual local area network (VLAN) is a logical group of workstations, servers, and network devices that appear to be on the same LAN despite their geographical distribution.
Transport Control Protocol/Internet Protocol (TCP/IP) Model
Internetworking protocol model created by the IETF, which specifies four layers of functionality: Link layer (physical communications), Internet Layer (network-to-network communication), Transport Layer (basic channels for connections and connectionless exchange of data between hosts), and Application Layer, where other protocols and user applications programs make use of network services.
VPN
A virtual private network (VPN), built on top of existing networks, that can provide a secure communications mechanism for transmission between networks.
Zenmap
The graphical user interface (GUI) for the Nmap Security Scanner, an open-source application that scans networks to determine everything that is connected as well as other information.
WLAN
A wireless area network (WLAN) is a group of computers and devices that are located in the same vicinity, forming a network based on radio transmissions rather than wired connections. A Wi-Fi network is a type of WLAN.
Zero Trust
Removing the design belief that the network has any trusted space. Security is managed at each possible level, representing the most granular asset. Microsegmentation of workloads is a tool of the model.
Network model upper layer
Application, layers 5-7
Network model lower layer
Data transport, layers 1-4
Network model layer 1
Physical layer
Network model layer 2
Data link
Network model layer 3
Network
Network model layer 4
Transport
Network model layer 5
Session
Network model layer 6
Presentation
Network model layer 7
Application
What is the primary responsibility of the upper layer (host or application layer) in a network model?
Transforming data into a format that any system can understand
Which layer of the OSI model corresponds to the Internet Layer in the TCP/IP protocol architecture?
Network Layer
What protocol is often used by embedded systems when connected to a corporate network?
TCP/IP