LP - Enterprise Infrastructure Security Principles Flashcards
PAZ stands for
Public access zone
PIZ stands for
Zone interface points
When a firewall or IPS sensor is deployed in a fail-open mode it
if there is a system or component failure on the device, the IP traffic should continue to flow to zones on the outbound interfaces
Port number for FTP data
20
Port number for FTP command control
21
Port Number for FTPS data
989
Port Number SMTP
25
Port Number SMTPS
465
Port Number HTTP
80
Port Number HTTPS
443
Port Number POP3
110
Port Number POP3S
995
Port Number NNTP
119
Port Number NNTPS
563
Port Number 143
IMAP
Port Number IMAPS
993
Port Number Telnet
23
Port Number SSH/SCP/SFTP
22
Port Number DNS
53
Port Number NTP
123
802.1X PNAC stands for
Port-based Network Access Control
Devices wanting to get on the 802.1X network are called
supplicants
802.1X will reserve ports for non-supplicant devices like
printers
802.1X uses what for authentication
RADIUS or the newer DIAMETER
EAP (extensible authentication protocol) is a framework as opposed to a specific authentication
mechanism
EAPoL stands for
EAP over LAN
Stateful cloud-based firewalls do not have
explicit deny entries
Next generation firewalls operate on OSI layers
5-7
Next generation firewalls do what level of packet inspection
deep
UTM stands for
Unified Threat Management
WAF stands for
Web Application Firewall
WAF is also called
WSG - web security gateway
WAF protects HTTP and HTTPS (TLS) traffic at layers
5 to 7
WAF can protect from
XSS, request forgeries and SQL injections
IPSec is always used over the
internet
The latest version of TLS is
1.3