security Flashcards
WPA2-Enterprise, unlike WPA2-PSK, requires what to function?
Deploying WPA2-Enterprise requires a RADIUS server, which handles the task of authenticating network users access.
host-based firewalls/IDS/IPS are what?
applications, which can be installed on your servers or workstations.
A ___ is a firewall that operates at Layers 3 and 4 of the OSI network model: network and transport.
packet filter
What is a circuit-level gateway?
A circuit-level gateway is a device that operates as a middleman between two or more systems to help conceal the true identity of the client and server.
What can change the IP address and the TCP/UDP port number of the traffic to allow two networks to communicate that otherwise could not?
circuit-level gateway
What does “state” refer to in a stateful firewall?
In this context, the word state refers to the connection state of a conversation between two computers.
To reduce the number of firewall rules needed to support TCP communication, firewall vendors implemented a feature known as ___.
stateful inspection
What does stateful inspection do?
This feature allows a firewall to identify traffic as conversational and automatically create temporary firewall rules to permit the response traffic to flow back to the sender.
Firewalls that can read application data and inspect the contents of a packet are known as…
layer 7 firewall/application-aware firewalls
Which three levels of the OSI model does stateful inspection require?
In order for a firewall to understand whether there is a conversation going on between two endpoints, it must be able to analyze the address (Layer 3), it must be able to analyze the type of traffic—usually TCP or UDP—which requires Layer 4 inspection, and it must be able to analyze Layer 5 data in order to recognize that a session has been requested and established.
802.1x does what? What does it need to function?
It is an authentication protocol for NAC. It requires an authentication server such as RADIUS.
What is IPSec?
A tunneling protocol used for VPNs.
What 3 capabilities of IPSec?
Encryption
Data integrity check through hashing
Source authentication
stateless firewall
Uses ACL rules to block based on ports, protocol, IP address, and other IP header info.
stateful firewall
Protocol-aware.
Keeps track of active TCP connections with state tables.
Packet filter allows traffic that matches accepted states.
