Security Infrastructure Flashcards
What does Security Infrastructure encompass?
Hardware, software, networks, data, and policies working cohesively for information asset safeguarding
Name the types of firewalls.
- Web Application
- Unified Threat Management
- Next-generation
What are the mechanisms used by Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS)?
- Identifying trends
- Showcasing signatures
What functions do Network Appliances serve?
- Load Balancing
- Proxying
- Monitoring
- Security Enforcement
What is the basis for Port Security?
Media Access Control (MAC) addresses
What technologies are used for securing network communications?
- VPNs
- IPSec
- TLS
What is the objective of secure network communications?
Create a secure backbone for communication
Define SD-WAN.
Optimize WAN connections with software-defined principles
What does SASE stand for?
Secure Access Service Edge
What are key aspects to consider in infrastructure?
- Device placement
- Security zones
- Screened subnets
- Attack surfaces
What are the failure mode options for security devices?
- Fail-open
- Fail-closed
What are the classifications of ports?
- Inbound
- Outbound
What is a well-known port range?
0-1023
What port is used for SSH?
Port 22
Fill in the blank: The protocol for secure web communication is _______.
HTTPS
What is the purpose of a firewall?
Monitors and controls network traffic based on security rules
What is a screened subnet?
Acts as a security barrier between external untrusted networks and internal trusted networks
Name the types of firewalls.
- Packet Filtering Firewalls
- Stateful Firewalls
- Proxy Firewalls
- Kernel Proxy Firewalls
What distinguishes a Next Generation Firewall (NGFW)?
- Application-aware
- Conducts deep packet inspection
- Operates fast with minimal network performance impact
What is Unified Threat Management (UTM)?
Combines multiple security functions in a single device
What does a Web Application Firewall (WAF) focus on?
Inspecting HTTP traffic
What are the two types of proxy firewalls?
- Session layer (Layer 5)
- Application layer (Layer 7)
What is the role of Access Control Lists (ACLs) in firewalls?
Essential for securing networks from unwanted traffic
What is required for configuring ACLs?
Order of ACL rules specifies the order of actions taken on traffic
What does IDS stand for?
Intrusion Detection Systems
What is the key difference between IDS and IPS?
IDS logs and alerts; IPS logs, alerts, and takes action
What are the types of Intrusion Detection Systems (IDS)?
- Network-based IDS (NIDS)
- Host-based IDS (HIDS)
- Wireless IDS (WIDS)
What is the purpose of a network appliance?
Dedicated hardware device with pre-installed software for specific networking services
What do load balancers do?
Distribute network/application traffic across multiple servers
What is the function of proxy servers?
- Content caching
- Request filtering
- Login management
What is port security?
A network switch feature that restricts device access to specific ports based on MAC addresses
What does 802.1x provide?
Port-based authentication for wired and wireless networks
What are the two main authentication protocols compared in RADIUS vs. TACACS+?
- RADIUS is cross-platform
- TACACS+ is Cisco proprietary
What is EAP?
Extensible Authentication Protocol
Fill in the blank: EAP-TLS uses _______ for mutual authentication.
public key infrastructure with a digital certificate
What authentication method uses simple passwords and the challenge handshake authentication process?
MD5
This method provides remote access authentication but does not ensure mutual authentication.
What is EAP-TLS?
Uses public key infrastructure with digital certificates installed on both the client and server and provides mutual authentication.
What does EAP-TTLS require for authentication?
A digital certificate on the server but not on the client, where the client uses a password for authentication.
What type of authentication does EAP-FAST utilize?
Protected access credential instead of a certificate to establish mutual authentication.
What is the purpose of PEAP?
Supports mutual authentication using server certificates and Active Directory databases to authenticate a password from the client.
What is a characteristic of EAP-LEAP?
Cisco proprietary and limited to Cisco devices.
What enhances network security when combining port security, 802.1X, and EAP?
Ensures only authenticated and authorized devices can access sensitive resources.
What do Virtual Private Networks (VPNs) extend?
Private networks across public networks.
What are the three types of VPN configurations?
- Site-to-site
- Client-to-site
- Clientless
What is the primary benefit of a Site-to-Site VPN?
Connects two sites cost-effectively and encrypts data between them.
What is a Client-to-Site VPN used for?
Connects a single host to the central office, ideal for remote user access.
What distinguishes a Clientless VPN?
Uses a web browser to establish secure remote access without dedicated software.
Fill in the blank: A _______ VPN encrypts and routes all network requests through the VPN.
Full Tunnel
What does a Split Tunnel VPN do?
Divides traffic, routing some through the VPN and some directly to the internet.
True or False: Transport Layer Security (TLS) provides encryption and security for data in transit.
True
What is the purpose of Internet Protocol Security (IPSec)?
Provides confidentiality, integrity, authentication, and anti-replay protection for IP communication.
What are the five key steps in establishing an IPSec VPN?
- Request to start the Internet Key Exchange (IKE)
- Authentication - IKE Phase 1
- Negotiation - IKE Phase 2
- Data transfer
- Tunnel termination
What does IPSec Transport Mode use?
The original IP header; it is suitable for client-to-site VPNs.
What is the purpose of the Encapsulating Security Payload (ESP) in IPSec?
Provides confidentiality, integrity, encryption, and replay protection.
What is SD-WAN?
A virtualized approach to managing and optimizing wide area network connections.
What are the benefits of SD-WAN?
- Increased agility
- Enhanced security
- Improved efficiency
What is a key technology in SASE?
Utilizes software-defined networking (SDN) for security and networking services from the cloud.
What components are included in SASE?
- Firewalls
- VPNs
- Zero-trust network access
- Cloud Access Security Brokers (CASBs)
What does the term ‘attack surface’ refer to?
Points where unauthorized access or data extraction can occur.
What are the two modes to handle device failures?
- Fail-open
- Fail-closed
What is the principle of Least Privilege?
Users and systems should have only necessary access rights to reduce the attack surface.
What is the purpose of conducting a Risk Assessment?
Regularly assess threats and vulnerabilities specific to your organization.