Security+ 1 Flashcards

1
Q

TCP/IP (SYN) = opens a connection (3-way handshake process): SYN, SYN/ACK, ACK

0-1023 : well-known ports, 1,024-49,151 : registered ports, 49,152-65,535 : dynamic ports

Ports 137/138/139 : NetBIOS

ICMP Echo Request -> ICMP Echo Reply (PING)

An AP has a wired connection to the network that allows devices to connect to it wirelessly.

Bridges : connect 2 networks at layer 2 using MAC addresses.

A

TCP/IP Info Etc …

2
Q

Forward Proxy : the proxy server is on the client's network; the client is aware of the proxy server and remote web servers are not aware of the proxy.

Reverse Proxy = sits on the remote network and works on the server's behalf; the client is not aware of the remote server.

Transparent Proxy = sits on the client's network, physically in between the client and the internet; it intercepts requests for web services and proxies them on behalf of the client. This doesn't work well with SSL/TLS encryption.

A

Forward/Reverse/Transparent Proxy

3
Q

A load balancer can perform : SSL certificate management, URL filtering, and other web app security tasks such as limiting access to a website for certain IP ranges; it can also provide session persistence, like caching on a proxy server.

Round-Robin load balancing = the load balancer simply rotates servers for each request, giving each server an equal share.

A

Load Balancer Etc …

4
Q

Active-Active = 2 or more load balancers actively handle network traffic and continue to function with diminished capacity if 1 device fails.

Active-Passive = 1 load balancer handles all traffic while a 2nd monitors activity and assumes responsibility if the primary load balancer fails.

A

Active/Passive Load Balancers

5
Q

VPNs = IPSec : network layer VPN commonly used for site-to-site VPNs but difficult to configure. SSL/TLS : application layer VPN used for remote access VPNs and easier to configure.

Full-Tunnel VPN : all network traffic leaving the connected device is routed through the VPN tunnel regardless of final destination.

Split-Tunnel VPN : only traffic destined for the corporate network is sent through the VPN tunnel; other traffic is routed directly over the Internet.

A

VPNs

6
Q

IPSec = encrypts entire packet.

ESP : provides confidentiality and integrity protection for packet payloads. AH : provides integrity protection for packet headers and payloads.

Security Associations (SA) ???

Tunnel Mode (site-to-site VPNs) : encrypted tunnels connecting 2 networks together, transparent to users. Transport Mode (End-User VPNs) : provides encrypted remote network access for individual systems.

A

IPSec …

7
Q

Anomaly/behavior-based/heuristic detections are all the same thing: build a baseline of what's normal, and anything other than what's normal gets reported by the IDS.

IPS Deployment Modes = In-Band : IPS sits in the path of network communications. Out-of-band : doesn't sit inline but sits outside the flow of network traffic and can react to but not block traffic.

A

Info

8
Q

UTM : performs the basic functions of a firewall/router = protecting the network against attacks, blocking unwanted traffic, routing traffic to and from the internet, and can also provide VPN connections, IDS, IPS, URL filtering, content inspection, malware inspection, email and spam filtering …

OAuth : authorization protocol that works across a variety of web services. OpenID Connect : identification and authorization protocol that works with OAuth.

A

UTM/OAuth …

9
Q

Shadowed Rules : a rule in a firewall rulebase that will never be executed because of its placement in the rulebase. Promiscuous Rules : rules that allow too much access. Orphaned Rules : a system is no longer in use but its rules on the firewall are not removed.

Router Access Control Lists : Standard Access Control Lists = perform filtering based on source IP address. Extended Access Control Lists = block traffic based on source/destination IP address, source/destination ports and protocols used for communication.

A

Shadowed Rules / RACLs

10
Q

VLAN Pruning : limit unnecessary exposure of VLANs by limiting the number of switches where they are trunked, especially for sensitive VLANs.

Port Security : Static Port Security = admins manually configure valid MAC addresses for each port. Dynamic Port Security = switches memorize the 1st MAC address they see on each port and limit access to that address.

A

VLAN Pruning/Port Security …
