• Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off
Reading...
Front

Card Range To Study

through

image

Play button

image

Play button

image

Progress

1/21

Click to flip

Use LEFT and RIGHT arrow keys to navigate between flashcards;

Use UP and DOWN arrow keys to flip the card;

H to show hint;

A reads text to speech;

21 Cards in this Set

  • Front
  • Back

A Stateful Packet-Filtering Firewall filters traffic based on?

Stateful Packet-Filtering Firewall filters traffic based on fields in the header of the packet, such as the source and destination IP address and the source and destination port numbers and what packets there needs to be in a three-way handshake.

A Packet-Filtering Firewall filters traffic based on?
Packet-Filtering Firewall filters traffic based on fields in the header of the packet, such as the source and destination IP address and the source and destination port numbers.

An Application Firewall filters traffic based on?

Application Firewall filters Stateful/Packet-filtering and payload data.

What Home Router are multifunctional devices. What are the features it has?

Network Address Translation (NAT), Firewall and URL-Filtering.

What is the Dual-Homed Firewall Topology do?

A single computer with two physical network interfaces that acts as a gateway between the networks. Software is used as firewalls and


Internet <-> Firewall <-> Internal Network

What is the Screen-Host Firewall Topology do?


This is not a Firewall it is hardware.
A Dual-Homed host with a screening router in between the host and the public network this allows packet filtering before packets reach the host.
Internet <-> Screen Router <-> Screened-Host
Firewall <-> Internal Network

What is the Screened-Subnet Firewall Topology do?

Internet <-> Screen Router <-> Screened-Host Firewall <-> Screen Router


<-> Internal Network

What does a Private LAN firewall do?

Ensures that no traffic from any other network is sent through the firewall.

What is the DMZ?

An area between two firewalls that allows selected traffic from the Internet to pass through the external firewall into the system withing the DMZ.

What four servers are normally placed in the DMZ?
  1. DNS
  2. Web
  3. FTP
  4. SMTP

An Intrusion Detection System (IDS) is?

Is responsible for monitoring activity on a system or network and then logging or notifying the administrator of any suspicious activity.

Name three IDS System types?
  1. Signature-Based uses signature file
  2. Anomaly-Based looks for abnormal traffic
  3. Heuristic Based on the IDS past experiences used with anti-virus

Name two methods of implementing IDS?
  1. Host-Based (HIDS) is installed on a single system and monitors suspicious activity on that system i.e. memory, system files, log files and connections
  2. Network-Based (NIDS) can be installed as its own network device or software system. Analyzes all traffic across the network logs the details of the activity and sends out admin alerts. DOES NOT WORK ON ENCRYPTED NETWORKS.

What are the components of a NIDS?
  1. Sensor: on each network segment collecting traffic and forwarding to the analysis engine.
  2. Analysis Engine: receives sensor packets and determine if they are suspicious.
  3. Console: Used to configure NIDS and is where alerts and notifications are typically sent.

What are the two Classes of IDSes?
  1. Passive IDS: monitors suspicious activity logs it to a file and sends notifications to admin.
  2. Active IDS and IPS: monitors suspicious activity logs it to a file and sends notifications to admin and takes protective measures. Now known as intrusion prevention system (IPS).

What is the promiscuous mode of a network card?

Means the network card will receive all traffic.

What are two common methods of bypassing the filtering feature on a switch?
  1. Port mirroring: where a port is configured to receive all network traffic.
  2. Network Tap: a device connected to the network which has ports used to connect a monitoring system to the device.

Name three types of network designs?
  1. Subnetting: manipulates the subnet mask scheme to create different subnets
  2. Segments: Creates Multiple collision domains and using bridges, switches, routers. Broadcast domains are created using different router ACL.
  3. VLANs: Uses a single router divided into different broadcast domains.

What is Network Address Translation (NAT)?

A device that allows private address ranges on the inside of a network to be translated to public address thereby hiding the private network,

What is Network Access Control (NAC)?

Technology that allows you to control who can access your network based on specific conditions. If the conditions are not met then the device can be send to a restricted network, which allows them to remedy their situation.

SIP and RTP are generally used with VoIP and it is common security practice to use a ____________ ________ should be set to separate them?

to use a VLAN to separate them from other network traffic.