Help
Options
Didn't know it?
click below
click below
Knew it?
click below
click below
Don't Know
Remaining cards (0)
Know
retry
shuffle
restart
0:00
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.
Normal Size Small Size show me how
Normal Size Small Size show me how
Security+ Chap 6
Network Security
| Question | Answer |
|---|---|
| All-in-one network security appliance | Network hardware that provides multiple security functions. |
| Anomaly-based monitoring | A monitoring technique used by an IDS that creates a baseline of normal activities and compares actions against the baseline. Whenever a significant deviation from this baseline occurs, an alarm is raised. |
| Behavior-based monitoring | A monitoring technique used by an IDS that uses the normal processes and actions as the standard and compares actions against it. |
| Demilitarized zone (DMZ) | A separate network that rests outside the secure network perimeter; untrusted outside users can access the DMZ but cannot enter the secure network. |
| Heuristic monitoring | A monitoring technique used by an IDS that uses an algorithm to determine if a threat exists. |
| Host intrusion detection system (HIDS) | A software-based application that runs on a local host computer that can detect an attack as it occurs. |
| Intrusion detection system (IDS) | A device designed to be active security; it can detect an attack as it occurs. |
| Load balancer | A device that can direct requests to different servers based on a variety of factors, such as the number of server connections, the server's processor utilization, and overall performance of the server. |
| Network access control (NAC) | A technique that examines the current state of a system or network device before it is allowed to connect to the network. |
| Network address translation (NAT) | A technique that allows private IP addresses to be used on the public Internet. |
| Network intrusion detection system (NIDS) | A technology that watches for attacks on the network and reports back to a central device. |
| Network intrusion prevention system (NIPS) | A technology that monitors network traffic to immediately react to block a malicious attack. |
| Proxy server | A computer or an application program that intercepts a user request from the internal secure network and then processes that request on behalf of the user. |
| Remote access | Any combination of hardware and software that enables remote users to access a local internal network. |
| Reverse proxy | A computer or an application program that routes incoming requests to the correct server. |
| Router | A device that can forward packets across computer networks. |
| Signature-based monitoring | A monitoring technique used by an IDS that examines network traffic to look for well-known patterns and compares the activities against a predefined signature. |
| Subnetting (subnet addressing) | A technique that uses IP addresses to divide a network into network subnet, and host. |
| Switch | A device that connects network segments and forwards only frames intended for that specific device or frames sent to all devices. |
| Virtual LAN (VLAN) | A technology that allows scattered users to be logically grouped together even though they may be attached to different switches. |
| Virtual private network (VPN) | A technology to use an unsecured public network, such as the Internet, like a private network. |
| VPN concentrator | A device that aggregates hundreds or thousands of VPN connections. |
| Web application firewall | A special type of firewall that looks more deeply into packets that carry HTTP traffic. |
| Web security gateway | A device that can block malicious content in "real time" as it appears (without first knowing the URL of a dangerous site). |
Created by:
1592245141
Popular Computers sets