Lesson 5 - Enterprise Network Architecture Flashcards
IP
Internet Protocol
- Network (Internet) layer protocol in the TCP/IP suite providing packet addressing and routing for all higher-level protocols in the suite.
VLAN
Virtual Local Area Network
- A logical network segment comprising a broadcast domain established using a feature of managed switches to assign each port a VLAN ID. Even though hosts on two VLANs may be physically connected to the same switch, local traffic is isolated to each VLAN, so they must use a router to communicate.
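Added example (not part of the flashcards): a decoder for the 802.1Q tag that carries the VLAN ID on a trunk link, so the "VLAN ID assigned per port" is visible as the 12-bit field it actually is on the wire. It also decodes a double-tagged frame, the shape used in VLAN-hopping attacks when a trunk's native VLAN strips only the outer tag. All frames are constructed with the buildFrame helper, which is part of this example rather than any real tool.

```javascript
// Added example: decode 802.1Q / 802.1ad VLAN tags from a raw Ethernet frame.
const ETHERTYPE_8021Q = 0x8100;  // customer tag
const ETHERTYPE_8021AD = 0x88a8; // service (QinQ) tag, walked the same way here
const ETHERTYPE_IPV4 = 0x0800;

function mac(buf, off) {
  return [...buf.subarray(off, off + 6)].map(b => b.toString(16).padStart(2, '0')).join(':');
}

// Returns { dst, src, tags: [{ tpid, pcp, dei, vid }], etherType, payload }
function parseFrame(buf) {
  if (buf.length < 14) throw new Error('runt frame');
  const dst = mac(buf, 0);
  const src = mac(buf, 6);
  let off = 12;
  const tags = [];
  let etherType = buf.readUInt16BE(off);
  // Each tag is 4 bytes: TPID (2) followed by the TCI (2). Walk every tag present.
  while (etherType === ETHERTYPE_8021Q || etherType === ETHERTYPE_8021AD) {
    if (buf.length < off + 6) throw new Error('truncated tag');
    const tci = buf.readUInt16BE(off + 2);
    tags.push({
      tpid: etherType,
      pcp: tci >> 13,        // priority code point, 3 bits
      dei: (tci >> 12) & 1,  // drop eligible indicator, 1 bit
      vid: tci & 0x0fff,     // VLAN ID, 12 bits (0 = priority-only tag, 4095 reserved)
    });
    off += 4;
    etherType = buf.readUInt16BE(off);
  }
  return { dst, src, tags, etherType, payload: buf.subarray(off + 2) };
}

// Constructed test data: broadcast frame from a locally administered MAC with the
// given VLAN IDs as 802.1Q tags (PCP and DEI zero), then an EtherType and payload.
function buildFrame(vids, etherType, payload) {
  const parts = [Buffer.from('ffffffffffff', 'hex'), Buffer.from('0200deadbeef', 'hex')];
  for (const vid of vids) {
    const tag = Buffer.alloc(4);
    tag.writeUInt16BE(ETHERTYPE_8021Q, 0);
    tag.writeUInt16BE(vid & 0x0fff, 2);
    parts.push(tag);
  }
  const et = Buffer.alloc(2);
  et.writeUInt16BE(etherType, 0);
  parts.push(et, payload);
  return Buffer.concat(parts);
}

const ipHeaderStart = Buffer.from('45000014', 'hex'); // constructed, truncated IPv4 header
const untagged = parseFrame(buildFrame([], ETHERTYPE_IPV4, ipHeaderStart));
const single = parseFrame(buildFrame([10], ETHERTYPE_IPV4, ipHeaderStart));
// Outer tag 1 (a common native VLAN), inner tag 20: what a double-tagging attempt looks like
const doubleTagged = parseFrame(buildFrame([1, 20], ETHERTYPE_IPV4, ipHeaderStart));
```

The practical check this enables: a frame arriving on an access port should never carry a tag at all, and a frame on a trunk should carry exactly one tag whose VID is in that trunk's allowed list. Setting the native VLAN of every trunk to an unused VLAN (and tagging it) is the usual mitigation for the double-tagged case.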
EAP
Extensible Authentication Protocol
- Authentication framework (RFC 3748) that negotiates which method to use (for example EAP-TLS, PEAP, or EAP-TTLS) rather than defining a single one. Methods can rely on certificates and hardware credentials such as smart cards or fingerprint readers, and tunneled methods first establish a TLS tunnel through which the inner credentials are submitted. On wired and wireless LANs EAP is carried by 802.1X to the switch or access point, which relays it to the authentication server over RADIUS.
RADIUS
Remote Authentication Dial-In User Service
- AAA (authentication, authorization, accounting) protocol used to manage remote-access and wireless authentication infrastructures; the network device acts as a client of a central RADIUS server (UDP 1812 for authentication, 1813 for accounting). The client and server share a secret that protects only the password attribute, so RADIUS traffic should be confined to a management network or tunneled.
TAP
Test Access Point
- A hardware device inserted into a cable run to copy frames for analysis.
SPAN
Switched Port Analyzer
- Copying ingress and/or egress communications from one or more switch ports to another port. This is used to monitor communications passing over the switch.
ICMP
Internet Control Message Protocol
- Network-layer protocol used for error reporting (for example destination unreachable, time exceeded) and diagnostics such as ping and traceroute. Because it is allowed through many filters and carries a free-form payload, it is also abused for reconnaissance, covert channels, and flood or amplification DoS attacks (for example smurf), so it should be filtered by type rather than blocked or allowed wholesale.
PAC
Proxy Auto-Configuration
- Script file containing a JavaScript function, FindProxyForURL(url, host), that the browser calls for each request (HTTP, HTTPS, FTP) to decide whether to connect to the destination directly or forward the request to a web proxy server. The file is located by policy or by WPAD (DHCP or DNS discovery), so whoever controls that discovery path controls where the browser sends its traffic.
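Added example (not part of the flashcards): a minimal PAC file. The browser's PAC engine supplies helper functions such as isPlainHostName, dnsDomainIs and isInNet; the stand-ins defined at the top are assumptions so that the file also runs under Node, and the proxy host names and the .corp.example domain are made up for the example.

```javascript
// Added example: minimal PAC file with stand-ins for the browser-provided helpers.
function isPlainHostName(host) { return !host.includes('.'); }
function dnsDomainIs(host, domain) { return host.endsWith(domain); }
// Stand-in: literal IPv4 comparison only; the real browser helper may resolve names.
function isInNet(host, pattern, mask) {
  if (!/^\d{1,3}(\.\d{1,3}){3}$/.test(host)) return false;
  const toInt = ip => ip.split('.').reduce((a, o) => (a << 8) + Number(o), 0) >>> 0;
  return (toInt(host) & toInt(mask)) === (toInt(pattern) & toInt(mask));
}

// The function the browser actually calls, once per request.
function FindProxyForURL(url, host) {
  // Internal destinations bypass the proxy.
  if (isPlainHostName(host) || dnsDomainIs(host, '.corp.example')) return 'DIRECT';
  if (isInNet(host, '10.0.0.0', '255.0.0.0')) return 'DIRECT';
  // Everything else goes through the egress proxy, with a second proxy as fallback.
  // Deliberately no trailing "; DIRECT": if both proxies are down, requests fail
  // instead of silently bypassing egress filtering.
  return 'PROXY proxy1.corp.example:8080; PROXY proxy2.corp.example:8080';
}
```

Two caveats worth remembering when reviewing a PAC file: a trailing "; DIRECT" fallback turns a proxy outage into an unfiltered path to the Internet, and the url argument is passed to whatever script WPAD found, which is why modern browsers strip the path and query of HTTPS URLs before calling the function.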
IDS
Intrusion Detection System
- A security appliance or software that analyzes data from a packet sniffer to identify traffic that violates policies or rules.
IPS
Intrusion Prevention System
- A security appliance or software that combines detection capabilities with functions that can actively block attacks.
NGFW
Next-Generation Firewall
- Firewall class that adds application awareness (identifying protocols and apps regardless of port), user identity-based filtering, integrated intrusion prevention, and often TLS inspection and cloud-delivered threat intelligence to traditional stateful packet filtering.
UTM
Unified Threat Management
- All-in-one security appliances and agents that combine the functions of a firewall, malware scanner, intrusion detection, vulnerability scanner, data-loss prevention, content filtering, and so on.
WAF
Web Application Firewall
- A firewall designed specifically to protect software running on web servers and their back-end databases from code injection and DoS attacks.
VPN
Virtual Private Network
- A secure tunnel created between two endpoints connected via an unsecure transport network (typically the Internet).
PPTP
Point-to-Point Tunneling Protocol
- Developed by Microsoft with a consortium of vendors (RFC 2637) to carry PPP sessions over IP networks using a TCP control channel (port 1723) and GRE for the tunneled data. Its MS-CHAPv2 authentication is vulnerable to offline password cracking and its MPPE encryption is weak, so it is considered obsolete and should be replaced by IPsec/IKEv2 or a TLS VPN.
TLS VPN
Transport Layer Security VPN
- Virtual private networking solution that uses TLS, with digital certificates to identify the VPN gateway (and optionally the client), to establish secure tunnels for network traffic; because it runs over TCP 443 or UDP it usually passes firewalls and NAT that block IPsec.
AH
Authentication Header
- IPsec protocol (IP protocol 51) that provides authentication of the origin of transmitted data, integrity, and protection against replay attacks, but no confidentiality. Because AH also authenticates immutable fields of the IP header, any address rewriting in transit (NAT) breaks the integrity check, which is why ESP is used far more often.
ESP
Encapsulating Security Payload
- IPsec protocol (IP protocol 50) that encrypts the packet payload and optionally authenticates the ESP header and payload. In transport mode only the transport-layer data is protected; in tunnel mode the original IP header is encapsulated and encrypted as well, with a new outer header added. The outer IP header is not covered by the integrity check, which lets ESP work through NAT (with NAT-T encapsulation in UDP 4500).
IKE
Internet Key Exchange
- Protocol for creating the security associations (SAs) used with IPsec. An SA establishes that two hosts trust one another (authenticating with certificates or a pre-shared key) and agree on the protocols, cipher suites, and keys used to exchange data. IKEv2 (UDP 500, or UDP 4500 with NAT traversal) is the current version and should be preferred over IKEv1, whose aggressive mode exposes the PSK identity hash to offline cracking.
PSK
Pre-Shared Key
- Secret key distributed to both parties in advance over a separate channel, rather than negotiated with certificates, and used to authenticate them to each other. Examples are the passphrase of a WPA2/WPA3-Personal Wi-Fi network (which the device converts into the actual session keys with a key derivation function at join time) and the shared secret of an IPsec/IKE site-to-site VPN. A short or guessable PSK is exposed to offline dictionary attacks once an attacker captures the authentication handshake.
NAT
Network Address Translation
- Technique by which a router or firewall rewrites the IP addresses (and, for port address translation, the ports) in packets as they pass, most commonly mapping many private RFC 1918 addresses to one public address. Because inbound packets are only accepted when they match state created by an outbound flow, NAT incidentally blocks unsolicited inbound connections, but it is an addressing mechanism rather than a security control: it inspects nothing and does not restrict what inside hosts initiate.
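Added example (not part of the flashcards): a toy port-overloading NAT (NAPT) translation table that makes the mechanism concrete. Outbound flows create state and get a public source port; an inbound packet is translated back only if it matches an entry created by an earlier outbound packet to that remote endpoint. All addresses, ports and the Napt class are constructed for the example, not taken from any product.

```javascript
// Added example: toy NAPT translation table (symmetric NAT behaviour).
class Napt {
  constructor(publicIp, firstPort = 40000) {
    this.publicIp = publicIp;
    this.nextPort = firstPort;
    this.out = new Map(); // "privIp:privPort>dstIp:dstPort" -> public port
    this.in = new Map();  // public port -> { privIp, privPort, dst, dport }
  }

  // Packet leaving the private network: rewrite the source and remember the mapping.
  translateOutbound(pkt) {
    const key = `${pkt.src}:${pkt.sport}>${pkt.dst}:${pkt.dport}`;
    let port = this.out.get(key);
    if (port === undefined) {
      port = this.nextPort++;
      this.out.set(key, port);
      this.in.set(port, { privIp: pkt.src, privPort: pkt.sport, dst: pkt.dst, dport: pkt.dport });
    }
    return { ...pkt, src: this.publicIp, sport: port };
  }

  // Packet arriving from the Internet: translated only if it matches state created by
  // an earlier outbound packet to the same remote endpoint; otherwise dropped (null).
  translateInbound(pkt) {
    const entry = this.in.get(pkt.dport);
    if (!entry || entry.dst !== pkt.src || entry.dport !== pkt.sport) return null;
    return { ...pkt, dst: entry.privIp, dport: entry.privPort };
  }
}

// Constructed addresses (documentation ranges) and ports.
const nat = new Napt('203.0.113.5');
// An inside host opens an HTTPS connection to a web server.
const outbound = nat.translateOutbound({ src: '192.168.1.10', sport: 51234, dst: '198.51.100.7', dport: 443 });
// The server's reply is translated back to the inside host.
const reply = nat.translateInbound({ src: '198.51.100.7', sport: 443, dst: '203.0.113.5', dport: outbound.sport });
// A scanner probing the public address hits the same port but has no matching state.
const scan = nat.translateInbound({ src: '192.0.2.99', sport: 4444, dst: '203.0.113.5', dport: outbound.sport });
```

The scan is dropped only because no entry matches, not because anything judged it hostile; a stateful firewall enforces the same state check with explicit policy and adds inspection. Note also that anything the inside host initiates (including malware beaconing out) creates state that lets the remote side answer.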
RDP
Remote Desktop Protocol
- Application protocol for operating remote connections to a host using a graphical interface. The protocol sends screen data from the remote host to the client and transfers mouse and keyboard input from the client to the remote host. It uses TCP port 3389. RDP exposed directly to the Internet is a frequent initial-access vector for ransomware operators, so it should sit behind a VPN or RDP gateway with Network Level Authentication and MFA enabled.
VNC
Virtual Network Computing
- Remote access tool and protocol based on the Remote Framebuffer (RFB) protocol, typically on TCP port 5900. VNC is the basis of macOS screen sharing. The base protocol offers only weak password authentication and no encryption, so it should be tunneled (for example over SSH or a VPN) rather than exposed directly.
SSH
Secure Shell
- Application protocol supporting secure tunneling and remote terminal emulation and file copy. SSH runs over TCP port 22.
SFTP
SSH File Transfer Protocol
- File transfer protocol that runs as a subsystem of an SSH session, so transfers inherit SSH's encryption and authentication (passwords or keys) and use TCP port 22. It is the usual secure replacement for FTP and is unrelated to FTPS, which is FTP wrapped in TLS.
OOB
Out-of-Band
- Accessing the administrative interface of a network appliance using a separate network from the usual data network. This could use a separate VLAN or a different kind of link, such as a dial-up modem.
NAC
Network Access Control
- Security approach that restricts access to a private network and its resources so that only authenticated and policy-compliant users and devices can connect. Typically implemented with 802.1X on switches and access points, backed by RADIUS, and often combined with posture assessment (patch level, endpoint protection) that quarantines non-compliant devices to a remediation VLAN.