Firewalls and Security Flashcards
Enterprise management software designed to mediate access to cloud services by users across all types of devices.
CASB
Functions of CASB?
SSO
Scan for malware
Monitor and audit user and resource activity
mitigate data exfil.
A Layer 3 firewall technology that compares packet headers against ACLs to determine which network traffic to accept.
Packet Filtering
A type of firewall that does not preserve information about the connection between two hosts. Often used to describe packet-filtering firewalls.
Stateless
A technique used in firewalls to analyze packets down to the application layer rather than filtering packets only by header information, enabling the firewall to enforce tighter and more security.
Stateful
A Layer 7 firewall technology that inspects packets at the Application layer of the OSI model.
Cannot examine encrypted data packets unless configured with tls inspector
Application Aware Firewall
A standalone hardware device that performs only the function of a firewall, which is embedded into the appliance’s firmware.
can be deployed via routed layer 3 or bridged layer 2
Appliance Firewall
Application-Based Firewall
A software application running on a single host and designed to protect only that host.
Host-based firewall
Application-Based Firewall
Software designed to run on a server to protect a particular application such as a web server or SQL server.
Application firewall
Application-Based Firewall
A software-based firewall running on a network server OS, such as Windows or Linux, so that the server can function as a gateway or proxy for a network segment.
NOS Firewall
A server that redirects requests and responses for clients configured with the proxy address and port.
Must be configured
port 8080
non-transparent
A process in which a router takes requests from the Internet for a particular application (such as HTTP) and sends them to a designated host on the LAN.
Destination NAT/port forwarding
An appliance or proxy server that mediates client connections with the Internet by filtering spam and malware and enforcing access restrictions on types of sites visited, time spent, and bandwidth consumed.
SWG
Host or network firewall capable of parsing application layer protocol headers and data (such as HTTP or SMTP) so that sophisticated, content-sensitive ACLs can be developed.
NGFW
A firewall designed specifically to protect software running on web servers and their back-end databases from code injection and DoS attacks.
output can be written to log
WAF