Lesson 5 - Enterprise Network Architecture Flashcards

1
Q

IP

A

Internet Protocol
- Network (Internet) layer protocol in the TCP/IP suite providing packet addressing and routing for all higher-level protocols in the suite.

2
Q

VLAN

A

Virtual Local Area Network
- A logical network segment comprising a broadcast domain established using a feature of managed switches to assign each port a VLAN ID. Even though hosts on two VLANs may be physically connected to the same switch, local traffic is isolated to each VLAN, so they must use a router to communicate.

3
Q

EAP

A

Extensible Authentication Protocol
- Framework for negotiating authentication methods that enable systems to use hardware-based identifiers, such as fingerprint scanners or smart card readers, for authentication and to establish secure tunnels through which to submit credentials.

4
Q

RADIUS

A

Remote Authentication Dial-In User Service
- AAA protocol used to manage remote and wireless authentication infrastructures.

5
Q

TAP

A

Test Access Point
- A hardware device inserted into a cable run to copy frames for analysis.

6
Q

SPAN

A

Switched Port Analyzer
- Copying ingress and/or egress communications from one or more switch ports to another port. This is used to monitor communications passing over the switch.

7
Q

ICMP

A

Internet Control Message Protocol
- A network protocol used for error reporting and network diagnostics, but it can also be exploited for attacks like DDoS (Distributed Denial of Service).

8
Q

PAC

A

Proxy Auto-Configuration
- A JavaScript function that determines whether web browser requests (HTTP, HTTPS, and FTP) go directly to the destination or are forwarded to a web proxy server.

9
Q

IDS

A

Intrusion Detection System
- A security appliance or software that analyzes data from a packet sniffer to identify traffic that violates policies or rules.

10
Q

IPS

A

Intrusion Prevention System
- A security appliance or software that combines detection capabilities with functions that can actively block attacks.

11
Q

NGFW

A

Next-Generation Firewall
- Advances in firewall technology, from app awareness, user-based filtering, and intrusion prevention to cloud inspection.

12
Q

UTM

A

Unified Threat Management
- All-in-one security appliances and agents that combine the functions of a firewall, malware scanner, intrusion detection, vulnerability scanner, data-loss prevention, content filtering, and so on.

13
Q

WAF

A

Web Application Firewall
- A firewall designed specifically to protect software running on web servers and their back-end databases from code injection and DoS attacks.

14
Q

VPN

A

Virtual Private Network
- A secure tunnel created between two endpoints connected via an unsecure transport network (typically the Internet).

15
Q

PPTP

A

Point-to-Point Tunneling Protocol
- Developed by Cisco and Microsoft to support VPNs over PPP and TCP/IP. PPTP is highly vulnerable to password cracking attacks and considered obsolete.

16
Q

TLS VPN

A

Transport Layer Security VPN
- Virtual private networking solution that uses digital certificates to identify hosts and establish secure tunnels for network traffic.

17
Q

AH

A

Authentication Header
- IPSec protocol that provides authentication for the origin of transmitted data as well as integrity and protection against replay attacks.

18
Q

ESP

A

Encapsulating Security Payload
- IPSec sub-protocol that enables encryption and authentication of the header and payload of a data packet.

19
Q

IKE

A

Internet Key Exchange
- Framework for creating a security association (SA) used with IPSec. An SA establishes that two hosts trust one another (authenticate) and agree on secure protocols and cipher suites to use to exchange data.

20
Q

PSK

A

Pre-Shared Key
- A super-long series of seemingly random letters and numbers generated when a device joins a network through a Wi-Fi access point (AP).

21
Q

NAT

A

Network Address Translation
- A technique that translates private IP addresses within a network to a single public IP address, enhancing security by hiding internal devices and networks from direct external access.

22
Q

RDP

A

Remote Desktop Protocol
- Application protocol for operating remote connections to a host using a graphical interface. The protocol sends screen data from the remote host to the client and transfers mouse and keyboard input from the client to the remote host. It uses TCP port 3389.

23
Q

VNC

A

Virtual Network Computing
- Remote access tool and protocol. VNC is the basis of macOS screen sharing.

24
Q

SSH

A

Secure Shell
- Application protocol supporting secure tunneling and remote terminal emulation and file copy. SSH runs over TCP port 22.

25
Q

SFTP

A

Secure File Transfer
- A secure network protocol that uses Secure Shell (SSH) encryption to ensure secure and encrypted file transfers between a client and a server, offering a more secure alternative to the traditional File Transfer Protocol (FTP).

26
Q

OOB

A

Out-of-Band
- Accessing the administrative interface of a network appliance using a separate network from the usual data network. This could use a separate VLAN or a different kind of link, such as a dial-up modem.

27
Q

NAC

A

Network Access Control
- A security approach that restricts access to a private network and sensitive resources, ensuring only authorized and compliant users and devices can connect.