30 Cards in this Set

  • Front
  • Back

List various types of security network topologies

DMZ, extranet, intranet, guest networks, ad hoc, Honeypot / Honeynets, secure NAT.

What is a DMZ?

It's the place where the internet or other outside networks meet your web server/network on the other side of your firewall. A safe zone where the public can access

What is an extranet?

A private network which is external to your network, designed to be accessed by partners such as vendors or suppliers. This allows these authorized partners to access various resources that you would want them to, but without giving them access to your network.

What are the security benefits of a guest network?

It is separate from the typical network, and not connected to your database or other devices. It is oftentimes connected only to the internet and is accessed by guests through one-time authentication credentials which are deleted after the session is over.

What is an intranet?

A private network database which is only accessible internally. To access this network, you would have to be either directly connected to the normal network, or connect to it through a VPN. It's a useful way to store important files, company announcements, important contacts, etc.

What is the security relevancy of ad hoc?

It allows you to transfer files or any other content without the recipients having to gain access to the network.

What are honeypots and honeynets?

Components of your network which are designed to attract malicious activity, but don't actually contain any sensitive information. Once it attracts the bad guys, you can either quarantine their activity there, or watch what they're doing and study what they want. A honeypot is usually a single thing, such as a stray laptop with administrative controls. A honeynet is an entire network that does the same thing, but it allows the malicious activity to search around so you can watch and study it.

What is an NAT and how is it relevant to security?

It stands for network address translation, and it is a method of remapping IP address spaces in an attempt to deal with IPv4 address exhaustion. For example, an entire network of devices might share a single IP address, which then gets resolved to their actual destination when the packet arrives at the network. NAT doesn't have any security in and of itself, but the concept does provide some security through obscurity, and securing your NAT can capitalize on that.

What does segmenting the network mean?

Separating the network into various segments, either on the physical, logical, or virtual levels.

How is network segmentation typically accomplished?

Multiple devices, VLANs, or separate virtual networks

What does network segmentation accomplish?

Performance - if you host an application which has high bandwidth, segmenting that application to its own network improves performance for both the application and everything else.

Security - for example, separating the users from the core network which has access to the database.

Compliance - some regulations require compliance, for efficiency reasons or the above-mentioned reasons.

How would one accomplish a physical segmentation?

By having two separate switches which each handle separate networks.

What is a VLAN?

A virtual local area network

What are some of the problems with physical segmentation?

If one or both of the customers only has a few devices, then it's a bit inefficient, having an entire switch only switching for two or three devices. Also, it's not very scalable. If a customer has thousands of devices, you would need a lot of space to handle all of those switches.

What is logical segmentation and how would you do it?

It's when both networks are on the same switch, but they are logically separated by each having a separate VLAN within the router.

How does a virtualized network work?

Every network device exists as a program on a server. The firewall, the switch, router, load balancer, all of them are digital programs.

What are some of the benefits of a virtualized network?

They offer much more control. You can redesign the network from a computer terminal, drop firewalls with the click of a button, drag and drop devices between networks, etc.

In network segmentation, what is an air gap?

It's when the networks have no wireless functionality, and there are no shared devices between them. Nothing can jump across the air.

What are some of the benefits and weaknesses of air gap segmentations?

Overall, it's very strong, though not impenetrable. It's strong because you have to connect to it physically, which is difficult to do inconspicuously, but it can be penetrated if, for example, someone forgets to disable removable media. In this case, you could simply unplug a flash drive from one network, walk it across the air gap, and then plug it into the other.

What is a site-to-site VPN?

When you want to connect two sites across the public network, but want to keep all traffic encrypted.

How can you accomplish a site-to-site VPN?

By having a VPN appliance at each location. Typically, each location will have a firewall, and most firewalls are designed to also act as VPNs if necessary.

What is a host to site VPN?

It's when you want to create a VPN connection between a site, and an individual remote user.

How is a host to site VPN accomplished?

By installing software on the remote user's computer which allows it to establish a VPN connection with the VPN concentrator on the network they want to connect to.

What is a host-to-host VPN?

A VPN connection between two individual devices.

How is a host to host VPN accomplished?

By installing software on both devices which allows their connection to be encrypted by a VPN.

What is the difference between a sensor and a collector?

Sensors simply collect the raw data. Collectors interpret and make sense of it all. Sensor examples include IPS, firewall logs, authentication logs, logs in general. Collectors include SIEM consoles, syslog servers, etc.

What is an SSL accelerator and what purpose does it serve?

HTTPS connections require a cryptographic handshake using SSL, and this handshake takes a lot of CPU cycles. If you have a lot of people connecting to the server, this handshake becomes quite burdensome. An SSL accelerator handles this handshake in place of the client. The client communicates with the accelerator in HTTPS, and then the accelerator communicates with the web server in HTTP. Basically, it offloads that difficult handshake to a different device.

What is a DDoS mitigator?

A device which resists a distributed denial of service attack, or just minimizes its impact.

What are taps?

Physical devices which you connect to a communication line by physically disconnecting the link, and putting it in the middle. This device can then capture packets so you can analyze them.

What is a port mirror?

Also called a port redirection, or a SPAN (switched port analyzer).

You can connect this device to your switch, and tell it to take all the traffic from one particular set of interfaces and send a copy of it to your analysis tool.