Network+ Chapter 15 Flashcards
Firewalls are usually a combination of ________ and ________?
p. 529
hardware and software.
T or F Firewalls can be placed on top of an existing operating system or be self-contained.
Ture
Define network-based firewall?
p. 530
It’s what companies use to protect their private network from public networks.
This is a firewall that is on a single PC and will protect that single PC only?
p. 530
host-based firewall
T or F Host based Firewalls are normally software based?
p. 530
True
What is the first line of Defense for any network that’s connected to the internet?
p. 531
access control lists (ACLs).
What is Packet Filtering?
pg 537
Packet Filtering refers to the ability of a router or a firewall to discard packets that don’t meet the right criteria.
Which type of filtering do firewalls use?
Pg 537
dynamic packet filtering
Why would you implement a IP Proxy?
p 537
to hide all of your internal IP addresses from hackers.
The first firewalls were developed and worked at which layer of the OSI Model and were also known as_________?
p. 540
Network layer (Layer 3) packet-filter firewalls.
Define the term zone?
pg 545
Its an individual area of the network that has been configured with a specific trust level.
T or F An intrusion detection system cannot detect attacks within encrypted traffic.
p. 548
False
T or F An intrusion detection system is the best way to replace a firewall on your network?
p. 548
False
What are two ways two ways IDSs can detect attacks or intrusions.
p. 548
misuse-detection IDS
anomaly-detection IDS
What is a smart system?
p. 548
it learns on the go by keeping track of and building a history of network activity for norms to which you can compare unusual activity.
What are 3 examples of passive responses?
logging,notification,shunning
What are 3 examples of Active responses
p. 549
Change network config
Terminating Sessions
deceive the attacker
___________is a propriety vulnerability scanning program that requires a license to use commercially yet is the single most popular scanning program in use.
p. 551
Nessus
what are 3 things that Network Mapper also known as NMAP can do?
pp. 551-552
Perform port scanning
Identify versions of network services in operation on the network
Identify operating systems
What is a VPN concentrator?
p. 552
Its a device that creates remote access for virtual private networks VPNs either for users logging in remotely or for a large site-to-site VPN.
___________is a physical security access control system comprising a small space with two sets of interlocking doors, such that the first set of doors must close before the second set opens
mantrap
What are the 3 categories that disasters are classified as?
p. 560
Technological disasters (device failures) Manmade disasters (arson, terrorism, sabotage) Natural disasters (hurricanes, floods, earthquakes)
__________is designed to simulate an attack on a system, network, or application.
p. 565
penetration test
What are three examples of penetration testing?
Blind Test
Double Blind
Target test
____________software runs on one computer to detect abnormalities on that system alone by monitoring applications, system logs, and event logs— not by directly monitoring network traffic.
p. 551
host-based IDS or HIDS
