Network Access Control Flashcards

1
Q

Jump server

A

Provides secure access to another system (also jump host) or bastion host, is hardened computer system or server that provides secure access to other computers or systems. Deployed in a screened subnet to provide an additional layer of security. User can access to jum server through secure connection (SSH/VPN) then use a jump server as a gateway to access other systems with the network. Can be used to enforce security policies and provide an audit trial to user activity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

NAC network access control

A

Evaluate endpoints for network-access using agents, evaluate endpoint connections prior to admission and enforces access privileges based on pre-admission and post-admission policies

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Proxy server

A

Filters and fetches/caches client requests. Intermediary machine between a client and server, which is used to filter or fetch and cache requests made by client. Can be single purpose supporting on protocol, supporting multiple protocols.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Post admission policy

A

NAC policy, regulates and restrict access to once the connection is allowed

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Rule based IDS engine

A

Analyze behavior for validation of preconfigured set of rules

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

IDS intrusion detection system

A

Analyze nad monitor network traffic, intrusion detection system can analyze out band network traffic placement utilizes a positive tap that receives a copy of the network traffic and can process samples, only applies to NIDS (network based intrusion detection/prevention system)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Heuristic

A

Intrusion detection system decision engine, IDS use set of pre-defines rules and algorithms to identify anomalous behavior and patterns which can be adopted and updated over time. Intrusion detection system engine

How well did you know this?
1
Not at all
2
3
4
5
Perfectly