Lesson 9 - Network Security Capabilities Flashcards
NAC
Network Access Control
- a security solution that enforces policy on devices seeking to access network resources.
CIS
Center for Internet Security
- a non-profit organization that develops and promotes cybersecurity best practices, including the CIS Controls framework and CIS Benchmarks, to help organizations strengthen their cybersecurity posture and defend against cyber threats.
STIGs
Security Technical Implementation Guides
- a configuration standard developed by the Defense Information Systems Agency (DISA) for securing Department of Defense (DoD) systems and networks, providing technical guidance to harden systems and minimize vulnerabilities.
DISA
Defense Information Systems Agency
BSSID
Basic Service Set Identifier
- a unique MAC address that identifies a Wi-Fi access point or router, allowing devices to distinguish between different APs within a network, and is crucial for network security and troubleshooting
SSID
Service Set Identifier
- A character string that identifies a particular wireless LAN (WLAN).
WPA
Wi-Fi Protected Access
- Standards for authenticating and encrypting access to Wi-Fi networks.
WEP
Wired Equivalent Privacy
- A legacy mechanism for encrypting data sent over a wireless connection, replaced by WPA (Wi-Fi Protected Access)
TKIP
Temporal Key Integrity Protocol
- The mechanism used in the first version of WPA to improve the security of wireless encryption mechanisms, compared to the flawed WEP standard.
WPS
Wi-Fi Protected Setup
- A feature of WPA and WPA2 that allows enrollment in a wireless network based on an eight-digit PIN.
DPP
Device Provisioning Protocol
- also known as Wi-Fi Easy Connect
- a secure and standardized protocol for configuring Wi-Fi devices, offering a streamlined and user-friendly experience for onboarding IoT devices to a network, replacing older methods like WPS
WAP
Wireless Access Point
- a network device that extends wireless coverage.
CCMP
Cipher Chaining Message Authentication Code Protocol
- replaces TKIP (Temporal Key Integrity Protocol) in WPA3
- an authenticated encryption algorithm that combines counter mode encryption with CBC-MAC authentication, providing both confidentiality and integrity during data transfer.
RC4
Rivest Cipher 4
- replaced by AES (Advanced Encryption Standard) in WPA3
- a widely used, but now considered insecure, stream cipher algorithm that encrypts data byte by byte, known for its speed and simplicity, but vulnerable to attacks due to weaknesses in its key-scheduling algorithm.
SAE
Simultaneous Authentication of Equals
- Personal authentication mechanism for Wi-Fi networks introduced with WPA3 to address vulnerabilities in the WPA-PSK method.
AES GCMP
AES Galois Counter Mode Protocol
- replaces AES CCMP in WPA3
- A high performance mode of operation for symmetric encryption. Provides a special characteristic called authenticated encryption with associated data, or AEAD.
PSK
Pre-Shared Key
- A wireless network authentication mode where a passphrase-based mechanism is used to allow group authentication to a wireless network. The passphrase is used to derive an encryption key.
PAKE
EAP-TTLS
Extensible Authentication Protocol - Tunneled Transport Layer Security
- a method that uses a TLS tunnel to protect authentication data, allowing for the use of legacy authentication protocols like PAP or CHAP, while enhancing security against eavesdropping and man-in-the-middle attacks.
PEAP
Protected Extensible Authentication Protocol
- a cybersecurity protocol that enhances wireless network security by encapsulating the Extensible Authentication Protocol (EAP) within a secure Transport Layer Security (TLS) tunnel, protecting authentication data during transmission.
EAPoL
EAP over LAN
- A port-based network access control (PNAC) mechanism that allows the use of EAP authentication when a host connects to an Ethernet switch.
NAC
Network Access Control
- A general term for the collected protocols, policies, and hardware that authenticate and authorize access to a network at the device level.
DHCP
Dynamic Host Configuration Protocol
- used to dynamically assign Internet Protocol (IP) addresses to each host on your organization’s network.
SMTP
Simple Mail Transfer Protocol
- the standard protocol for sending emails
NBAD
Network Behavior and Anomaly Detection
- A security monitoring tool that monitors network packets for anomalous behavior based on known signatures.
UEBA
User and Entity Behavior Analytics
- a cybersecurity solution that uses machine learning and advanced analytics to detect anomalous user and entity behavior, identifying potential threats like insider attacks and compromised accounts that traditional security tools might miss.
NTA
Network Traffic Analysis
- involves monitoring and analyzing network traffic to identify suspicious activity, anomalies, and potential threats, enabling proactive threat detection and response.