Security Technology Placement 3.2 Flashcards

1
Q

Sensors and Collectors

A

Gather information from network devices. Sensors are built in and integrated into switches, routers, servers, firewalls, etc.

2
Q

Sensors

A

Sensors collect raw data. Data from intrusion prevention systems, firewall logs, authentication logs, etc., will all be very different.

3
Q

Collectors

A

A collector's job is to bring all that raw data to one place to make sense of it. There are a variety of ways and systems to collect the data. Many SIEMs include a correlation engine to compare diverse data.

4
Q

DDoS Mitigation

A

There are ways to resist a DDoS attack and minimize its impact: a cloud-based internet provider; a reverse proxy that all your users connect to, which determines whether traffic is legitimate or not; on-site IPS rules that recognize popular DDoS attacks; DDoS filtering on the firewall.

5
Q

Taps and Port Mirrors

A

If you work in IT, at some point you will need to capture packets for analysis. In order to do this, you have some options.

6
Q

Physical Tap

A

A physical tap can be placed in the middle of a physical connection. It can be an active or passive tap. An active tap allows you to switch to many different connections. A passive tap takes a small sample of the signal and sends it to the analysis tool.

7
Q

Port Mirror

A

Port redirection, SPAN (Switched Port ANalyzer). It's a software-based tap with limited functionality, but it can work well in a pinch.
