Network Security Controls - Technical Controls Flashcards
Describe these email protocols:
1) PGP
2) S/MIME
3) SMTP
4) POP3
5) IMAP
1) Provides cryptographic privacy and authentication for emails.
2) Is used for sending digitally signed and encrypted emails.
3) Sends messages from one email server to another.
4) Retrieves email from a server; once retrieved, it is deleted from the server.
5) Retrieves email from a server. Synchronizes to the email server.
Describe these protocols:
1) RADIUS
2) TACACS
3) Kerberos
4) DNSSEC
5) HTTPS
1) Centralized authentication, authorization, and accounting for remote servers to communicate with a central server.
2) Provides AAA of network devices through one or more centralized servers.
3) An authentication method to access a network based on TGT and TGS.
4) A suite of specifications for securing certain types of information provided by DNS.
5) Is used to secure communications across the Internet.
Describe these protocols:
1) TLS
2) SSL
3) SRTP
4) LDAP
5) IPSec
1) Ensures secure communication between client-server applications. Supersedes SSL.
2) Uses RSA to ensure secure communications between client-server models.
3) Used to deliver real-time data such as audio and video streams.
4) Is used to access and manage directory services such as AD.
5) Secures IP communications. Mainly used in VPNs and remote user access.
Describe these components of IPSec:
1) Authentication Header (AH)
2) Encapsulating Security Payload (ESP)
1) Provides the data authentication of the sender.
2) Provides both the data authentication and encryption of the sender.
Describe these protocols:
1) FTP
2) SNMP
3) SSH
4) OAuth
5) OpenID (OIDC)
1) Is used for secure file transmission and file access.
2) Used to monitor and manage devices over a network.
3) Is used by Linux and Unix for secure remote login.
4) Allows a user to grant limited access to resources from one site to another.
5) Is an authentication protocol that is built into OAuth.
What is Network Segmentation?
Is the practice of splitting a network into smaller network segments.
Describe these types of Network Segmentation:
1) Physical
2) Logical
3) Virtualization
1) Networks are segmented based on physical components.
2) Utilizes VLANs which are isolated logically without considering physical locations of devices.
3) Combines all available network resources to share these resources amongst the network users using a single admin unit.
What is a Bastion Host?
Is a computer system that is designed and configured to protect network resources from attacks.
Describe these types of Bastion Hosts:
1) Single-homed
2) Multi-homed
3) Internal
1) A firewall with one network interface. All incoming/outgoing traffic is routed through the bastion host.
2) A firewall device with at least 2 network interfaces. Separates internal and external networks.
3) Resides inside the internal network. Can be single/multi-homed. Network devices communicate directly with the bastion host.
What is a DMZ?
A computer subnetwork that is placed between the organization's private network and the Internet. Allows external users to access the organization's servers.
Describe these types of traffic:
1) East-West
2) North-South
1) Traffic between servers in a data centre
2) Traffic between an outside client and a server.
What is a Zero-Trust Network?
Is a model where every user is not trusted by default and needs to verify every incoming connection before allowing access to the network.
What is a Firewall?
Is hardware/software that is used to monitor and filter incoming and outgoing traffic and prevent unauthorized access to private networks.
Describe these firewalls:
1) Host-based
2) Network-based
3) External
4) Internal
1) Filters inbound/outbound traffic of an individual computer.
2) Filters inbound/outbound traffic across a LAN.
3) Limits access between protected and public networks. Provides protection for DMZ.
4) Protects one network segment from another.
Describe these Firewall technologies:
1) Packet Filtering
2) Circuit-Level Gateway
3) Application Layer Gateways
4) Stateful Multilayer Inspection
5) Application Proxy
6) NAT
7) VPN
8) NGFW
1) Resides in routers; each packet is compared to a set of criteria before being forwarded.
2) Monitors the TCP handshake to determine whether a session is legitimate or not.
3) Filters packets at the application layer such as HTTP-GET and POST.
4) Combines Application, Circuit-Level and Packet Filtering technologies.
5) Is a proxy server that filters connections between services.
6) Allows multiple LAN devices to use a single IP address.
7) Is a service that creates a secure, encrypted connection over a less secure network, typically the internet. It allows users to send and receive data as if their devices were directly connected to a private network.
8) Is a firewall that is also capable of inspecting packet content, not just port/protocol inspection.
Describe the following:
1) IDS
2) IPS
1) Is a system that sits ‘off to the side’, monitors traffic, and alerts admins about suspicious activities.
2) Is an ‘in-line’ system that allows or blocks packets depending on established policies.