Intro To Networking Chapter 9 Terms Flashcards
a document that describes the rules governing access to an organization’s information resources, enforcement of these rules, and steps taken if rules are breached
Security Policy
Describes what staff, customers, and business partners can expect for monitoring and reporting network use.
Privacy policy
Explains for what purposes network resources can be used.
Acceptable use policy
Describes how users identify themselves to gain access to network resources. Logon names, password conventions, and authentication methods should be described.
Authentication policy
Explains what constitutes proper or improper use of Internet resources.
Internet use policy
Specifies how and when users are allowed to access network resources. Policies should exist for both onsite and remote access to the network.
Access policy
Explains the manner in which security compliance or violations can be verified and the consequences for violations
Auditing policy
Outlines the policies for backup procedures, virus protection, and disaster recovery.
Data protection
features such as data encryption, complex password requirements, detailed auditing and monitoring of computer and network access, intricate authentication methods, including multifactor authentication, and strict policies governing use of the Internet and e-mail.
Highly Restrictive Security Policies
require passwords for each user but not overly complex passwords. Auditing is geared toward detecting unauthorized logon attempts, misuse of network resources, and network attacker activity.
Moderately Restrictive Security Policies
simple or no passwords, unrestricted access to resources, and probably no monitoring and auditing.
Open Security Policies
Identifying who’s permitted to access which network resources
Authentication and authorization
Making data unusable to anyone except authorized users
Encryption
Allowing authorized remote access to a private network via the public Internet
Virtual private networks (VPNs)
Implementing measures for protecting data and authorizing access to a wireless network
Wireless security
Using a hardware device or software (including firewalls, intrusion detection and prevention systems, and content filters) that protects a computer or network from unauthorized access and attacks designed to cripple network or computer performance
Network security devices
Securing data from software designed to destroy data or make computers and networks operate inefficiently
Malware protection
the authentication protocol used in a Windows domain environment to authenticate logons and grant accounts access to domain resources. An account can be a user or a computer because computers must also authenticate to the domain. _________ provides mutual authentication between a client and server or between two servers
Kerberos
the identity of both parties is verified.
Mutual authentication
industry-standard client/server protocol that centralizes authentication, authorization, and accounting (AAA) for a network.
Remote Authentication Dial-In User Service—RADIUS
not a self-contained authentication protocol; rather, it’s a framework for other protocols that provide encryption and authentication.
Extensible Authentication Protocol
Knowledge—What the user knows, such as a username and password
Possession—What the user has, or possesses, such as a smart card or key
Inherence—What the user is; a unique biometric identifying trait, such as a fingerprint, retina scan, or voice pattern
multifactor authentication (MFA)
works by establishing an association between two communicating devices. An association is formed by two devices authenticating their identities via a preshared key, Kerberos authentication, or digital certificates.
IP Security (IPsec)
a series of letters, numbers, and special characters, much like a password, that both communicating devices use to authenticate each other’s identity.
preshared key
A commonly used VPN protocol in Windows OSs with client support for Linux and Mac OS X, too. Most OSs that support VPN clients support PPTP.
Point-to-Point Tunneling Protocol (PPTP)
a VPN connection is established between two VPN devices
Site-to-site
establishes a VPN connection between a single client computer and a VPN device
Client-to-site
Attackers who drive around looking for wireless LANs (WLANs) to intercept
wardrivers.
the boundary between your network and external networks such as the Internet
network perimeter
a hardware device or software program that inspects packets going into or out of a network or computer, and then discards or forwards the packets based on a set of rules.
firewall
a network device such as a server installed as a decoy to lure potential attackers.
honeypot
A malicious program that spreads by replicating itself into other programs or documents; it usually aims to disrupt computer or network functions by deleting and corrupting files.
virus
a type of malware that doesn’t require another file to spread to other computers; it’s a self-contained program that just needs a computer to be connected to a network
worm
a form of malware that can monitor traffic to and from a computer, monitor keystrokes, and capture passwords
rootkit
a form of malware that appears to be something useful, such as a free utility, but in reality it contains some type of malware
trojan horse
time-dependent malware that can come in different forms. Its main characteristic is that it’s activated when a particular event occurs, such as a specific date and time, or when a particular file is accessed
logic bomb
a type of malware that monitors or controls part of your computer at the expense of your privacy and the gain of some third party.
Spyware
unsolicited e-mail
Spam
a security consultant who detects holes in a system’s security for the purpose of correcting these vulnerabilities.
penetration tester
an automated method for pinging a range of IP addresses
ping scanner
determines which TCP and UDP ports are available on a computer or device
port scanner
a source address inserted into the packet that isn’t the sender’s actual address.
spoofed address
Usually a component of a firewall, a hardware device or software that detects an attempted security breach and notifies the network administrator. An _________ can also take countermeasures to stop an attack in progress.
intrusion detection system (IDS)
A variation of an IDS that can take countermeasures if an attack is in progress. See also intrusion detection system (IDS).
intrusion prevention system (IPS)