perimeter defense II Flashcards
a firewall that makes decision by examining information in the IP packet head
packet filtering firewall
stateless
a firewall that makes decision about which traffic to allow based on virtual circuits
statefull inspection firewall
a firewall that makes decision based on information contained within the data portion of a packet
application firewall
this devices stands as a intermediary between a secure network and a private one and is a specific implementation of an application level firewall
proxy server
a _____ firewall inspects traffic as it flows between networks
network based
a ______ firewall inspects traffic received by a host.
host
a packet filtering firewall operates at _____ layer OSI ___
network
3
a stateful inspection firewall operates at _____ layer OSI ___
session
5
a application layer firewall operates at _____ layer OSI ___
application
7
a collection of components that allow administrator to regulate network access on a computer’s compliance with health requirement policies is called
Network access protection (NAP)
a statement that reports the client configuration for health requirements.
statement of health
the server that is responsible for keeping track of health requirements and verifying that clients meet its requirements before gaining access.
NAP server
the ____ server is the connection point for clients to submitting the SoH for validation.
enforcement
_______ servers are a set of resources that a non-compliant computer can have limited access
remediation
a ______ server control access by leasing address only to computers that meet the health requirement
DHCP enforcement
a ______ server can be combined with NAP to allow or deny access based on health compliance
remote desktop gateway
software used to monitor and restrict contents delivered across the web to an end user
internet content filter
the ability to analyze an manage network traffic based on the application layer protocol
application aware devices
a portions of the network that have specific security concerns or requirements
security zones
a session based attack that intercept information passing between two communication partners
man in the middle
a session based attack that extension of a man in the middle attack where the attackers steals an open and active communication session from a legitimate use
TCP/IP hijacking
a session based attack that hijacks a user’s cookies and uses them to take over the session
HTTP hijacking
a session based attack that uses a protocol analyzer to capture authentication information going from the client to the server
replay attack
a session based attack that makes a connection using black username and passwords
null session
a technique that hides the true source of packets
spoofing
this is the first VPN protocol
Point to point tunneling
PPTP
this VPN technology was developed by cisco
layer 2 forwarding (L2F)
the VPN technology is an open standard for secure multi-protocol routing
layer 2 tunneling (L2TP)
_____ runs on the NAP server and identifies the client health requirements.
statement of health validator
the enforcement server forwards the SoH to the ______ server for validation
NAP
what the purpose for remediation servers
to make non-complaint clients compliant
a _______ router translates multiple private addresses into the single registered IP address
network address translation
NAT routers use ______ to associate a port number with a request for a private host
port address translation
