Operation of Infrastructure

Question 1

Secure Network Components

Answer 1

make up the backbone of the logical infrastructure for an organization. These components are often critical to day to day operations, and an outage or security issue can be very costly

Question 2

Modems

Answer 2

Provide modulation/demodulation of binary data into analog signals for transmission. A type of channel service unit (CSU)/Data Service Unit (DSU) typically used for converting analog signals into digital.

Question 3

Channel Service Unit (CSU)

Answer 3

Handles communication to the provider network

Question 4

Data Service Unit (DSU)

Answer 4

Handles communication with internal digital equipment (in most cases, a router)

Question 5

Firewalls

Answer 5

Essential tools in managing and controlling network traffic. Used to filter traffic

Question 6

Switch

Answer 6

repeats traffic only out of the port on which the destination is known to exist. Offer greater efficiency for traffic delivery, create separate collision domains, and improve the overall throughput of data. Usually operates on layer 2 but sometimes layer 3

Question 7

Routers

Answer 7

Used to control traffic flow on networks and are often used to connect similar networks and control traffic flow between the two. Operates on layer 3

Question 8

Gateways

Answer 8

connects networks that are using different network protocols. Also known as the protocol translators, can be stand alone hardware devices or a software service. Operates on layer 3

Question 9

Repeaters, Concentrators, and Amplifiers

Answer 9

used to strengthen the communication signal over a cable segments as well as connect network segments that use the same protocol. operates on layer 1

Question 10

Bridges

Answer 10

Used to connect two networks (even networks of a different topologies, cabling types, and speeds) in order to connect networks segments that used the same protocol. operates on layer 2

Question 11

Hubs

Answer 11

were used to connect multiple systems and connect network segments that use the same protocol. A multiport repeater. Operates on layer 1

Question 12

LAN Extenders

Answer 12

A remote access, multilayer switch used to connect distant networks over WAN links

Question 13

Static Packet Filtering Firewalls

Answer 13

Filters traffic by examining data from a message header (source/destination address, ports, protocol) Operates on the Network Layer

Question 14

Application Level Firewalls

Answer 14

filters traffic based on a single internet service, protocol, or application. Operates at application layer

Question 15

Circuit Level Firewalls

Answer 15

Used to establish communication sessions between trusted partners. Operate at the session layer

Question 16

Stateful Inspection Firewalls

Answer 16

Evaluate the state, session, or the context of network traffic. In order words review the header

Question 17

Deep Packet Inspection Firewalls

Answer 17

filtering mechanism that operates typically at the application layer in order to filter the payload contents of communication rater than only on the header values. In other words review the payload.

Question 18

Web Application Firewalls (WAF)

Answer 18

Protects web applications by filtering and monitoring HTTP traffic between a web application and the internet.
Typically protects web applications from common attacks like XSS, CSRF, and SQL injection

Question 19

Next Generation Firewalls (NGFW)

Answer 19

a deep packet inspection firewall that moves beyond port/protocol inspection and blocking.
Adds application-level inspection, intrusion prevention, and brings intelligence from outside the firewall

Question 20

Redundant Power

Answer 20

Typically used with components such as servers, routers, and firewall. Paired with other types of redundancies to provide high availability.

Question 21

Warranty and Support

Answer 21

Orgs should maintain a current and active warranty on all network devices to provide coverage in the event of a system mulfunction.

Question 22

Bastion Host

Answer 22

A type of firewall or host computer that is exposed on the internet and has been hardened by removing all unnecessary elements such as services, programs, protocols, and ports

Question 23

Screen Host

Answer 23

is a firewall protection system logically positioned just inside a private network. Is the most secure option

Question 24

Screened Subnet

Answer 24

Creates a DMZ network between trusted and untrusted

Question 25

Proxy Server

Answer 25

functions on the behalf of the client requesting service, masking the true origin of the request to the resource.

Question 26

Wireless Access Points (WAP)

Answer 26

Network device that allows wireless enabled devices to connect to a wired network. Connects directly to a wired LAN and then provides wireless connections into that wired LAN using Wifi.