Perimeter Security Flashcards

1
Q

Perimeter Security

A

Security devices focused on the boundary between the LAN and the WAN in your organization’s network

2
Q

Firewalls

A

Firewalls screen traffic between two portions of a network

3
Q

Types of Firewalls

A

§ Software
§ Hardware
§ Embedded

4
Q

Packet Filtering Firewall

A

§ Inspects each packet passing through the firewall and accepts or rejects it based on the rules
§ Stateless Packet Filtering
§ Stateful packet filtering tracks the requests leaving the network

5
Q

Stateless Packet Filtering

A

Stateless firewalls are designed to protect networks based on static information such as source and destination

6
Q

Stateful packet filtering

A

Stateful firewalls filter packets based on the full context of a given network connection; stateless firewalls filter packets based on the individual packets themselves

7
Q

NAT Filtering

A

Filters traffic based upon the ports being utilized and type of connection (TCP or UDP)

8
Q

Circuit-Level gateway

A

Operates at the session layer and only inspects the traffic during the establishment of the initial session over TCP or UDP

9
Q

Explicit Allow

A

Traffic is allowed to enter or leave the network because there is an ACL rule that specifically allows it

10
Q

Explicit Deny

A

Traffic is denied the ability to enter or leave the network because there is an ACL rule that specifically denies it

11
Q

Implicit Deny

A

Traffic is denied the ability to enter or leave the network because there is no specific rule that allows it

12
Q

Layer 3 Firewall Blocks

A

IP addresses

13
Q

Layer 4 Firewall Blocks

A

Ports

14
Q

Web Application Firewall

A

§ Firewall installed to protect your server by inspecting traffic being sent to a web application
§ A WAF can prevent an XSS or SQL injection

15
Q

Proxy Server

A

A device that acts as a middle man between a device and a remote server

16
Q

IP Proxy

A

IP Proxy is used to secure a network by keeping its machines anonymous during web browsing

17
Q

Caching Proxy

A
  • Attempts to serve client requests by delivering content from itself without actually contacting the remote server
  • Disable Proxy Auto-Configuration (PAC) files for security
18
Q

Internet Content Filter

A

Used in organizations to prevent users from accessing prohibited websites and other content

19
Q

Web Security Gateway

A

A go-between device that scans for viruses, filters unwanted content, and performs data loss prevention functions

20
Q

Honeypot

A

A single computer (or file, group of files, or IP range) that might be attractive to an attacker

21
Q

Honeynet

A

A group of computers, servers, or networks used to attract an attacker

22
Q

Data Loss Prevention

A

§ Systems designed to protect data by conducting content inspection of data being sent out of the network
§ Also called Information Leak Protection (ILP) or Extrusion Prevention Systems (EPS)
§ DLP is used to ensure your private data remains secure

23
Q

Network Intrusion Detection Systems

A

§ Attempts to detect, log, and alert on malicious network activities
§ NIDS use promiscuous mode to see all network traffic on a segment

24
Q

Network Intrusion Prevention Systems

A

§ Attempts to remove, detain, or redirect malicious traffic
§ NIPS should be installed in-line with the network traffic flow
§ Should a NIPS fail open or fail shut?
§ NIPS can also perform functions as a protocol analyzer

25
Q

Unified Threat Management

A

§ Combination of network security devices and technologies to provide more defense in depth within a single device
§ UTM may include a firewall, NIDS/NIPS, content filter, anti-malware, DLP, and VPN
§ UTM is also known as a Next Generation Firewall (NGFW)