securityCHPT6
terms
| Question | Answer |
|---|---|
| iso | international organization |
| iso | released a set of specifications that was intended to describe how dissimilar computers could be connected together over the network |
| osi reference model | illustrates how a network device prepares data for delivery over the network and how it is handled once it is received |
| hub | standard network device that connects multiple ethernet devices together using cables to make them function as a single network segment |
| switch | device that connects network segments |
| switch | can learn which device is connected to its ports and forward frames intended for a specific device |
| port mirroring | used on a network switch to send a copy of network packets seen on one switch port (or an entire VLAN) to a network |
| network tap | separate device that can be installed between two network devices to monitor traffic |
| network tap | hardware device which provides a way to access the data flowing across a computer network. In many cases, it is desirable for a third party to monitor the traffic between two points in the network |
| router | network device that can forward packets across computer networks |
| load balancing | technology that can help evenly distribute work across a network |
| host based software firewall | runs as a program on a local system to filter traffic |
| hardware based network firewall | designed to inspect packets and either accept or deny entry |
| block | prevent the packet from passing over the network by dropping it |
| prompt | ask what action to take |
| rule based firewall | uses a set of individual instructions to control the actions |
| settings based firewall | allows the administrator to create sets of related parameters that together define one aspect of the device's operation |
| stateful packet filtering | keeps a record of the state of a connection between an internal computer and an external device and then makes decisions based on the connection as well as the conditions |
| web application firewall | looks more deeply into packets that carry http traffic based on applications that function at the application layer (layer seven) |
| proxy | person who is authorized to act as the substitute or agent on behalf of another person |
| stateless packet filtering | looks at the incoming packet and permits or denies it based on the conditions that have been set by the administrator |
| proxy server | computer or application program that intercepts a user request from the internal secure network and then processes that request on behalf of the user |
| temporary storage area | cache |
| proxy server advantages | increased speed |
| proxy server advantages | reduced costs |
| proxy server advantages | improved management |
| proxy server advantages | stronger security |
| reverse proxy | routes incoming requests to the correct servers |
| tcp/ip email protocols | smtp |
| tcp/ip email protocols | pop |
| one method for filtering spam | install its own corporate spam filter |
| install its own corporate spam filter | install the spam filter with the smtp server |
| install its own corporate spam filter | install the spam filter on the pop3 server |
| virtual private network | a technology to use an unsecured public network like a secured private network |
| vpn concentrator | a device that aggregates hundreds or thousands of vpn connections |
| internet content filter | monitors traffic and blocks access to web sites and files |
| aspects of building a secure network | network devices |
| aspects of building a secure network | network technologies |
| aspects of building a secure network | design of the network itself |
| osi model | network devices classified based on function |
| internet content filter features | malware filtering |
| internet content filter features | url and content filtering |
| internet content filter features | prohibit file downloads |
| internet content filter features | profiles |
| internet content filter features | detailed reporting |
| intrusion detection system | device designed to be active security, can detect an attack as it occurs |
| monitoring methodologies | anomaly based monitoring |
| monitoring methodologies | signature based monitoring |
| monitoring methodologies | behavior based monitoring |
| monitoring methodologies | heuristic monitoring |
| anomaly based monitoring | designed for detecting statistical anomalies |
| signature based monitoring | method for auditing usage is to examine network traffic, activity, transactions or behavior and look for well known patterns |
| signature based monitoring | compares activities against a predefined signature |
| behavior based monitoring | continuously analyzes the behavior of processes and programs on a system and alerts the user if it detects any abnormal actions |
| hubs | works at layer one of the osi model |
| hubs | do not read data passed through them |
| switches | use mac address to identify devices |
| switches | operates at layer two |
| heuristic monitoring | used by an ids that uses an algorithm to determine if a threat exists |
| ids | intrusion detection system |
| host intrusion detection system | software based application that runs on a local host computer that can detect an attack as it occurs |
| host intrusion detection systems monitor | system calls |
| host intrusion detection systems monitor | file system access |
| host intrusion detection systems monitor | system registry settings |
| host intrusion detection systems monitor | host input/output |
| system call | instruction that interrupts the program being executed and requests a service from the operating system |
| windows registry | maintains configuration information about programs and the computer |
| hids disadvantages | can't monitor network traffic that doesn't reach local system |
| hids disadvantages | all log data is stored locally |
| hids disadvantages | resource intensive and slows down the system |
| network intrusion detection system techniques | protocol stack verification |
| network intrusion detection system techniques | application protocol verification |
| network intrusion detection system techniques | create extended logs |
| passive nids | sounds an alarm and logs the event |
| active nids | sounds an alarm and takes action |
| network intrusion prevention system | active nids |
| load balance security advantages | can stop attacks directed at a server or application |
| load balance security advantages | can detect and prevent denial of service attacks |
| load balance security advantages | hide http error pages |
| load balance security advantages | remove server identification headers from http responses |
| multipurpose security appliances provide an array of security functions | anti spam and anti phishing |
| multipurpose security appliances provide an array of security functions | content filtering |
| multipurpose security appliances provide an array of security functions | encryption |
| multipurpose security appliances provide an array of security functions | firewall |
| multipurpose security appliances provide an array of security functions | intrusion protection |
| network address translation | allows private ip addresses to be used on the public internet |
| private ip address | ip addresses that are not assigned to any specific user or organization |
| port address translation | each packet is given the same ip address but a different tcp port number |
| nat advantage | masks the ip addresses of internal devices |
| nat advantage | allows multiple devices to share a smaller number of public ip addresses |
| rule based firewall settings | static in nature set of individual instructions to control actions |
| network access control | examines the current state of a system or network device before it is allowed to connect to the network |
| nac method for directing the client to a quarantine network and then later to the production network | dynamic host configuration protocol server |
| nac method for directing the client to a quarantine network and then later to the production network | address resolution protocol poisoning |
| elements of a secure network design | creating demilitarized zones |
| web application firewall | block specific sites or specific known attacks |
| web application firewall | can block xss and sql injection attacks |
| elements of a secure network design | subnetting |
| elements of a secure network design | using virtual lans |
| elements of a secure network design | remote access |
| ip addresses are two addresses | network address |
| ip addresses are two addresses | host address |
| subnetting advantages | flexibility |
| subnetting advantages | decreased network traffic |
| subnetting advantages | improved troubleshooting |
| subnetting advantages | reflection of physical network |
| subnetting advantages | minimal impact on external routers |
| subnetting advantages | hide the internal network layout |
| core switches | reside at the top of the hierarchy and carry traffic between switches |
| proxy servers | intercepts and process requests |
| vlan | allows scattered users to be logically grouped together even though they may be attached to different switches |
| vlan | reduce network traffic |
| workgroup switches | connected directly to the devices on the network |
| subnets | subdivisions of ip address classes and allow a single class a, b, c network to be used instead of multiple networks |
| remote access | refers to any combination of hardware and software that enables remote users to access a local internal network |
| nids | technology that monitors network traffic to immediately react to block a malicious attack |
| mx record | mail exchange record |
| mx record | entry in the domain name system that identifies the mail server responsible for handling that domain name |
| tunneling protocols | a packet is encrypted and enclosed within another packet |
| endpoint | the end of the tunnel between vpn devices |
| hardware based vpns | generally used for connecting two local area networks through the vpn tunnel |
| hardware based vpns | more secure, better performance, offer more flexibility |
| signature based monitoring | looks for well known attack signature patterns |
| behavior based monitoring | alert user who decides whether to allow or block activity |
| basic types of intrusion detection system | hids |
| basic types of intrusion detection system | nids |
| demilitarized zone | functions as a separate network that rests outside the secure network perimeter |
| demilitarized zone | untrusted outside users can access the dmz but cannot enter the secure network |