Network Access Control

Question 1

Jump server

Answer 1

Provides secure access to another system (also jump host) or bastion host, is hardened computer system or server that provides secure access to other computers or systems. Deployed in a screened subnet to provide an additional layer of security. User can access to jum server through secure connection (SSH/VPN) then use a jump server as a gateway to access other systems with the network. Can be used to enforce security policies and provide an audit trial to user activity

Question 2

NAC network access control

Answer 2

Evaluate endpoints for network-access using agents, evaluate endpoint connections prior to admission and enforces access privileges based on pre-admission and post-admission policies

Question 3

Proxy server

Answer 3

Filters and fetches/caches client requests. Intermediary machine between a client and server, which is used to filter or fetch and cache requests made by client. Can be single purpose supporting on protocol, supporting multiple protocols.

Question 4

Post admission policy

Answer 4

NAC policy, regulates and restrict access to once the connection is allowed

Question 5

Rule based IDS engine

Answer 5

Analyze behavior for validation of preconfigured set of rules

Question 6

IDS intrusion detection system

Answer 6

Analyze nad monitor network traffic, intrusion detection system can analyze out band network traffic placement utilizes a positive tap that receives a copy of the network traffic and can process samples, only applies to NIDS (network based intrusion detection/prevention system)

Question 7

Heuristic

Answer 7

Intrusion detection system decision engine, IDS use set of pre-defines rules and algorithms to identify anomalous behavior and patterns which can be adopted and updated over time. Intrusion detection system engine