Section 15: Security Technologies Flashcards
What is a Firewall?
Uses a set of rules defining the traffic types permitted or denied through the device
What is a NextGen Firewall (NGFW)?
Third-generation firewall that conducts deep packet inspection and packet filtering
What is an Access Control List (ACL)?
Set of rules applied to router interfaces that permit or deny certain traffic
What is a Demilitarized Zone (DMZ)?
Connects to devices that should have restricted access from the outside zone (like web servers)
What is Telnet and what is the Port Number?
Sends text-based commands to remote devices and is a very old networking protocol. Port 23
What is Secure Shell (SSH) and what is the Port Number?
Encrypts everything that is being sent and received between the client and the server
What is Remote Desktop Protocol (RDP) and what is the Port Number?
Provides graphical interface to connect to another computer over a network connection. Port 3389
What is a Remote Desktop Gateway (RDG)?
Provides a secure connection using the SSL/TLS protocols to the server via RDP
What is a Virtual Private Network (VPN)?
Establishes a secure connection between a client and a server over an untrusted public network like the Internet
What is Virtual Network Computing (VNC) and what is the Port Number?
Designed for thin client architectures and things like Virtual Desktop Infrastructure (VDI). Port 5900
What is In-Band Management?
Managing devices using Telnet or SSH protocols over the network
What is Out-of-Band Management?
Connecting to and configuring different network devices using an alternate path or management network
What is an Extensible Authentication Protocol (EAP)?
Allows for more secure authentication methods to be used instead of just a username and a password
What is a Site-to-Site VPN?
Interconnects two sites and provides an inexpensive alternative to dedicated leased lines
What is a Client-to-Site VPN?
Connecting a single remote user back to a corporate network.
Client to Router
What is a Clientless VPN?
Creates a secure, remote-access VPN tunnel using a web browser without requiring a software or hardware client
What is a Split Tunnel VPN?
Routes and encrypts only the traffic bound for the headquarters over the VPN, and sends the rest of the traffic to the regular Internet
Better Performance
What is a Full Tunnel VPN?
Routes and encrypts all network requests through the VPN connection back to the headquarters
More security
What is a Secure Socket Layer (SSL)?
Provides cryptography and reliability using the upper layers of the OSI model, specifically Layers 5, 6, and 7
What is the Transport Layer Security (TLS)?
Provides secure web browsing over HTTPS
What is Internet Security (IPSec)?
Provides authentication and encryption of data packets to create a secure encrypted communication path between two computers
What does CIA stand for?
Confidentiality, Integrity, Authentication
What is Confidentiality?
Using data encryption
What is Integrity?
Ensuring data is not modified in transit