Security Architecture 3 Flashcards

1
Q

What is Device Placement?

A

Describes the network infrastructure of an organization
* Depending on individual needs
* Firewalls, Honeypots, jump server, load balancer

2
Q

What are Security Zones?

A

Structuring the network design based on different zones
* Trusted / Untrusted
* Internal / External

3
Q

What is Connectivity and how can it be securely achieved?

A

Describes an organization's connection to the internet

Achieved by:
* Secure network cabling
* Application Level Encryption
* Network Level Encryption: IPsec tunnels, VPN

4
Q

What are failure modes?

A

If a security device fails, how should it behave?
Fail-Closed
* Block all traffic passing
Fail-Open
* Allow all traffic

5
Q

Name device attributes

A

Active / Passive
* Does the device need power or not

Inline
* Network traffic passes through security device that actively inspects and takes actions based on defined rules

Tap/Monitor
* Passive
* Does not participate in traffic flow
* Copying and forwarding of traffic for further analysis

6
Q

What is a Proxy and what types?

A

Server handling communication between devices by:
* Accepting and forwarding requests
* Filter and modify traffic
* Access restrictions by IP

Forward Proxies
* Between client and server
* inside of own network
* protects traffic to internet

Reverse Proxy
* Placed between server and client
* Help with load balancing and caching of content

Open Proxies
* Third party, uncontrolled
* Security risk, often blocked by organizations

7
Q

Explain the types of load balancers

A

Active / Active
* All servers are connected and ready to use
* TCP offload
* SSL offload
* Caching
* Prioritization
* Content switching

Active / Passive
* Some servers are passive or on standby in case an active server fails

8
Q

Explain port security and its two main components

A

EAP - Extensible Authentication Protocol
* Protocol to securely identify and allow devices on a network
* Supports various identification methods

EAP Integrates with 802.1X

802.1X
* Standard that prevents access to the network until authentication succeeds

9
Q

What is a network-based firewall?

A

Network-based Firewall
* Filter traffic by port number or application
* Traditional firewalls controlled traffic via TCP/UDP port number on Layer 4
* Modern firewalls filter based on which application is used, on Layer 7
* Encrypt traffic - VPN between sites

10
Q

UTM / Web security gateway

A

Unified Threat Management
Handles many different services:
* URL filter / Content inspection
* Malware Inspection
* Spam filter
* CSU / DSU
* Router, switch
* IDS / IPS
* VPN Endpoint
* Firewall

Disadvantages
* Only operates on layer 4
* Performance drawbacks due to many functions

11
Q

NGFW

A

Next Generation Firewall
* Operate on Layer 7
* Controls traffic flow based on applications
* Full decode of packet information
* Content filtering

12
Q

WAF

A

Web Application Firewall
* Applies rules to HTTPS/HTTP traffic
* Allow or deny based on expected input
* SQL injection prevention
