• Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off

Card Range To Study



Play button


Play button




Click to flip

Use LEFT and RIGHT arrow keys to navigate between flashcards;

Use UP and DOWN arrow keys to flip the card;

H to show hint;

A reads text to speech;

24 Cards in this Set

  • Front
  • Back
all-in-one network security appliance
Network hardware that provides multiple security functions
anomaly-based monitoring
A monitoring technique used by an IDS that creates a baseline of normal activities and compares actions against the baseline. Whenever a significant deviation from this baseline occurs, an alarm is raised.
behavior-based monitoring:
A monitoring technique used by an IDS that uses the normal processes and actions as the standard and compares actions against it.
demilitarized zone (DMZ):
A separate network that rest outside the secure network perimeter; untrusted outside users can access the DMZ but cannot enter the secure network;
heuristic monitoring:
A monitoring technique used by an IDS that uses an algorithm to determine if a threat exist.
host intrusion setection system(HIDS)
A software-based application that runs on a local host computer that can detect an attack as it occurs.
intrusion detection system(IDS):
A device designed to be active security; it can detect an attack as it occurs.
Load balancer:
A device that can direct request to different servers based on a variety of factors, such as the number of server connections, the server's processor utilization, and overall performance of the server.
Network access control (NAC):
A technique that examines the current state of a system or network device before it is allowed to connect to the network.
Network address translation (NAT):
A technique that allows private IP addresses to be used on the public Internet.
Network Intrusion detection system (NIDS)
A technology that watches for attacks on the network and reports back to a central device.
network intrusion prevention system (NIPS)
A technology that monitors network traffic to immediately react to block a malicious attack.
proxy server:
A computer or an application program that intercepts a user request from the internal secure network and then processes that request on behalf of the user.
remote access:
Any combination of hardware and software that enables remote users to access a local internal network.
reverse proxy:
A computer or an application program that routes incoming request to the correct server.
A device that can forward packets across computer networks.
signature-based monitoring:
A monitoring technique used by an IDS that examines network traffic to look for well-known patterns and compares the activities against a predefined signature.
subnetting (subnet addressing):
A technique that uses IP addresses to divide a network into network, subnet, and host.
A device that connects network segments and forwards only frames intended for that specific device or frames sent to all devices.
virtual LAN (VLAN):
A technology that allows scattered users to be logically grouped together even though they may be attached to different switches.
virtual private network(VPN):
A technology to use an unsecured public network, such as the internet, like a secure private network.
VPN concentrator:
A device that aggregates hundreds or thousands of VPN connections.
web application firewall:
A special type of firewall that looks more deeply into packets that carry HTTP traffic.
web security gateway:
A device that can block malicious content in "real time" as it appears (without first knowing the URL of a dangerous site)