Network Security Flashcards
CC Domain 4
security appliance
general term used to describe a network device that performs some kind of security function
Endpoint
general term used to describe a computing device on a network (such as a laptop, desktop, mobile device, smartphone, tablet, or even a server).
Internet of Things (IoT)
general term that is loosely used to describe devices that historically did not connect to the Internet (or a network) that now have network connectivity.
Application (Layer 7)
consists of protocols used by computer applications to perform certain functions (such as a web browser using the HTTP protocol to access a website).
Presentation (Layer 6)
responsible for translating data from something the user expects to something the network expects (and vice versa) so that it may be transferred over a network.
Session (Layer 5)
responsible for setting up, controlling, and tearing down the connection between applications communicating between two different computers
Transport (Layer 4)
handles end-to-end transport services and the establishment of logical connections between two computers (e.g., a client-server connection).
Network (Layer 3)
responsible for the routing and route selection for network packets based on logical IP addresses.
Data Link (Layer 2)
responsible for transmitting and delivery of frames throughout a LAN based on the unique physical MAC addresses of the devices on the network.
Physical (Layer 1)
with how bits (binary 1’s and 0’s) are transmitted and received
(TCP/IP) model
The Application Layer of the TCP/IP model
provides various services, processes, and protocols that run on a network and are used by user applications (such as a web browser).
Application, Presentation and Session OSI model
Secure Sockets Layer (SSL) and Transport Layer Security (TLS)
protocols are often lumped together in conversation since the SSL protocol was the predecessor to TLS; however, they are different protocols
Host-to-Host Layer of the TCP/IP model
sometimes also called the Transport Layer since it loosely maps to the Transport Layer of the OSI model.
Internet Layer of the TCP/IP model
provides logical addressing and routing of IP network traffic. This layer is sometimes also referred to as the Network Layer because it loosely maps to the Network Layer (Layer 3) of the OSI model.
Network Access Layer of the TCP/IP model
loosely maps to the lower two layers (Layer 1 and Layer 2) of the OSI model (Physical and Data Link, respectively).
conducting Research
primary purpose of the first step in the process of planning a cyberattack is to conduct research about the planned target organization or victim
Identifying Targets
the cyberattacker pieces together the various bits of information collected in the previous phase.
Exploiting Targets
attacker takes advantage of vulnerabilities in systems or networks to gain unauthorized access.
Timing and Race Conditions
also called a race condition attack, is an entire family of attacks in which the attacker takes advantage of the time between a sequence of events.
HTTP response splitting
another type of attack where an attacker sends a malicious script to a website.
Pretexting
uses a fake scenario to deceive someone
quid pro quo (QPQ)
exchange of information or goods, such as a purchase.
Password Attacks
can gain access to the data and systems that are their ultimate objective.
Man-in-the-Middle Attacks
class of attacks in which a cyberattacker intercepts communication between two entities
Doing Bad Things
include deploying malware, writing scripts, guessing passwords, and using social engineering and MITM attacks.
Advanced Persistent Threat
stealthy threat actor, typically a state or state-sponsored group, which gains unauthorized access to a computer network and remains undetected for an extended period
Network Segmentation
network design approach that allows organizations to group portions of the network into segments, each acting like a small network.
Demilitarized Zones
network segment that is positioned in between the organization’s connection to the Internet and their internal networks
purpose of the DMZ is to create a buffer zone between the organization’s internal network and the outside world.
Network Access Control
technology that allows organizations to implement controls that limit what devices can connect to their network
if you want to connect to a corporate network that is configured for NAC, the network will not allow your computer to connect until it first checks your computer to see if it meets certain criteria based on a policy.
Internet of Things Security
refers to many different kinds of physical devices that connect to the Internet or IP networks. IoT devices are sometimes called smart devices because they frequently contain processing capability, often in combination with sensors, robotics, and automation technology.
On-demand self-service
Cloud service customers can configure the computing resources they need (what they need, when they need it), allowing them to tailor resources to their needs.
Rapid elasticity
Cloud service customers can rapidly scale resources (in some cases automatically) as needed to acquire more or less capability.
Resource pooling
Computing resources of the CSP are pooled and shared across multiple consumers (referred to as cloud service customers or tenants) in a manner that abstracts the consumer from the underlying implementation.
Measured service
amount of resources used by the CSC can be automatically metered and measured.
Broad network access
CSC access is enabled over the network and supported by many different client platforms running on a wide variety of endpoint devices (e.g., laptops, desktops, mobile phones).