Install and configure network components, both hardware and software-based, to support organizational security Flash Cards
Firewall
An inter-network connection device that restricts data communication traffic between two connected networks. A firewall may be either an application installed on a general-purpose computer or a dedicated platform (appliance), which forwards or rejects/drops packets on a network. Typically firewalls are used to define zone borders. Firewalls generally have rules restricting which ports are open. -NIST
ACL
A list of entities, together with their access rights, that are authorized to have access to a resource. -NIST
Application-based
The directory, which contains all the files related to a .NET application, including the executable file (.exe) that loads into the initial or default application domain. -techopedia.com
Network-based
A network-based firewall controls traffic going in and out of a network. It does this by filtering traffic based on firewall rules and allows only authorized traffic to pass through it. Most organizations include at least one network-based firewall at the boundary between their internal network and the Internet. -hacktress.com
Stateful
The computer or program keeps track of the state of interaction, usually by setting values in a storage field designated for that purpose. Stateless means there is no record of previous interactions and each interaction request has to be handled based entirely on information that comes with it. -techtarget.com
Stateless
There is no record of previous interactions and each interaction request has to be handled based entirely on information that comes with it. -Techtarget.com
Implicit Deny
When a user or group is not granted a specific permission in the security settings of an object, but is not explicitly denied either. An implicit deny only denies a permission until the user or group is allowed to perform the permission. -underthehood-autodesk.typepad.com
VPN Concentrator
A type of networking device that provides secure creation of VPN connections and delivery of messages between VPN nodes. It is a type of router device, built specifically for creating and managing VPN communication infrastructures. -techopedia.com
Remote Access
Access to an organizational information system by a user (or an information system) communicating through an external, non-organization-controlled network (e.g., the Internet). -NIST
Site-to-Site
Site-to-site VPN is a type of VPN connection that is created between two separate locations. It provides the ability to connect geographically separate locations or networks, usually over the public Internet connection or a WAN connection. -techopedia.com
IPSec
A protocol that adds security features to the standard IP protocol to provide confidentiality and integrity services. -nist.gov
Tunnel Mode
IPsec mode that creates a new IP header for each protected packet. -nist.gov
Transport Mode
IPsec mode that does not create a new IP header for each protected packet. -nist.gov
AH
A protocol and part of the Internet Protocol Security (IPsec) protocol suite, which authenticates the origin of IP packets (datagrams) and guarantees the integrity of the data. -techopedia.com
ESP
A protocol within IPSec for providing authentication, integrity and confidentiality of network packet data/payload in IPv4 and IPv6 networks. ESP provides message/payload encryption and the authentication of a payload and its origin within the IPSec protocol suite. -techopedia.com
Split Tunnel
The process of allowing a remote user or device to establish a non-remote connection with a system and simultaneously communicate via some other connection to a resource in an external network. This method of network access enables a user to access remote devices (e.g., a networked printer) at the same time as accessing uncontrolled networks. -nist.gov
Full Tunnel
A method that causes all network traffic to go through the tunnel to the organization. -nist.gov
TLS
An authentication and encryption protocol widely implemented in browsers and Web servers. HTTP traffic transmitted using TLS is known as HTTPS. -nist.gov
Always-on VPN
An always-on VPN is a selective VPN that connects an external client so they can access the internet along with company resources when the computer is not on a trusted network, which protects the company from security threats. -lynda.com
NIPS
A system used to monitor a network as well as protect the confidentiality, integrity, and availability of a network. Its main functions include protecting the network from threats, such as denial of service (DoS) and unauthorized usage. -techopedia.com
NIDS
Software that performs packet sniffing and network traffic analysis to identify suspicious activity and record relevant information. -nist.gov
Signature-based
Signatures refer to predetermined and preconfigured attack patterns/rules that identify attacks on web applications and their components. Both NIDS and NIPS can use signature-based detection but what follows is different for both. -infosecinstitute.com
Heuristic/Behavioral
Heuristic or Behavioral based NIPS and NIDS operate by comparing incoming traffic and packets against a pre-established baseline of normally experienced behavior for the respective organization. NIDS, being the passive system, will just detect suspicious behavior by comparing to the baseline. NIPS, which focuses on prevention, will go one step further and take some action to either stop or mitigate the potential threat. -infosecinstitute.com
Anomaly
Anomaly-based NIDS and NIPS are where a touch of artificial intelligence comes into play. What anomaly-based NIDS and NIPS do is monitor incoming traffic and ask whether the incoming traffic acts like enemy traffic. -infosecinstitute.com
Inline
Inline refers to being in between the firewall and the rest of the network environment. NIPS is considered an inline network security solution. -infosecinstitute.com
Passive
NIDS, on the other hand, is a passive network security solution. It may sit on the inner network side of a firewall, on the DMZ, or on the WAN side. -infosecinstitute.com
In-band
Everything in the network has to move through the NIPS.
Out-of-Band
Things in the network don't have to go through the NIDS.
Rules
An element that holds check references and may also hold remediation information. -nist.gov
Analytics
The systematic computational analysis of data or statistics. -dictionary
False Positive
An alert that incorrectly indicates that a vulnerability is present. -nist.gov
False Negative
An instance in which a security tool intended to detect a particular threat fails to do so. -nist.gov
Router
A computer that is a gateway between two networks at OSI layer 3 and that relays and directs data packets through that inter-network. The most common form of router operates on IP packets. -nist.gov
ACLs
A list of entities, together with their access rights, that are authorized to have access to a resource. -nist.gov
Antispoofing
Countermeasures taken to prevent the unauthorized use of legitimate identification & authentication (I&A) data, however it was obtained, to mimic a subject different from the attacker. -nist.gov
Switch
A network device that filters and forwards packets between LAN segments. -nist.gov
Port Security
A layer two traffic control feature on Cisco Catalyst switches. It enables an administrator to configure individual switch ports to allow only a specified number of source MAC addresses ingressing the port. -packetlife.net
Layer 2
Layer 2 on a switch typically deals with MAC addresses.
Layer 3
Layer 3 on a switch typically deals with IP addresses.
Loop Prevention
Lorem ipsum dolor sit amet consectetur adipiscing elit dolor
Flood Guard
A protection feature built into many firewalls that allows the administrator to tweak the tolerance for unanswered login attacks. -neokobo.blogspot.com
Proxy
An agent that acts on behalf of a requester to relay a message between a requester agent and a provider agent. The proxy appears to the provider agent Web service to be the requester. -nist.gov
Forward Proxy
An Internet-facing proxy used to retrieve data from a wide range of sources (in most cases anywhere on the Internet). -wikipedia
Reverse Proxy
Usually an internal-facing proxy used as a front-end to control and protect access to a server on a private network. -wikipedia
Transparent
(also called inline proxy, intercepting proxy, or forced proxy) is a server that sits between your computer and the Internet and redirects your requests and responses without modifying them. -expressvpn.com
Application
Application proxies must support the application for which they are performing the proxy function and do not typically encrypt data. -pearsonitcertification.com
Multipurpose
Multipurpose proxy servers, also known as universal application level gateways, are capable of running various operating systems (such as UNIX, Windows, and Macintosh) and allowing multiple protocols to pass through (such as HTTP, FTP, NNTP, SMTP, IMAP, LDAP, and DNS). -pearsonitcertification.com
Load Balancer
A piece of hardware (or virtual hardware) that acts like a reverse proxy to distribute network and/or application traffic across different servers. -radware.com
Scheduling
The manner in which a server load is shared across a server pool. There are various load balancing methods available, and each method uses a particular criterion to schedule an incoming traffic. -Techopedia.com
Affinity
Server affinity refers to the ability of a load balancer or router to send a user's request to the same server where their session was initiated. -wiki.metawerx.net
Round-Robin
Traffic is sent in a sequential, circular pattern to each node of a load balancer. -pearsonitcertification.com
Active-passive
In an active-passive configuration, the server load balancer recognizes a failed node and redirects traffic to the next available node. -techtarget.com
Active-active
In an active-active configuration, the load balancer spreads out the workload's traffic among multiple nodes. -techtarget.com
Virtual IPs
Virtual IP (VIP) is the load-balancing instance where the world points its browsers to get to a site. -doesconsulting.com
Access Point
A device that logically connects wireless client devices operating in infrastructure to one another and provides access to a distribution system, if connected, which is typically an organization’s enterprise wired network. -nist.gov
SSID
A name assigned to a wireless access point that allows stations to distinguish one wireless access point from another. -nist.gov
MAC Filtering
MAC Filtering refers to a security access control method whereby the MAC address assigned to each network card is used to determine access to the network. -wikipedia
Signal Strength
The magnitude of an electric field at a reference point, which is located at a significant distance from the transmitting antenna. -techopedia.com
Band Selection/Width
Most Access point devices allow the administrator to configure the Wi-Fi band that the Access point will use. A well-planned network will have the Band selection/width of its Access point that works best for its needs. Width is defined by the frequency of the band. -infosecinstitute.com
Antenna Types and Placement
Omnidirectional antenna, directional antenna, and parabolic antenna are types of antenna.
Fat (access point)
Lorem ipsum dolor sit amet consectetur adipiscing elit dolor
Thin (access point)
Lorem ipsum dolor sit amet consectetur adipiscing elit dolor
Controller-based
Lorem ipsum dolor sit amet consectetur adipiscing elit dolor
Standalone
Lorem ipsum dolor sit amet consectetur adipiscing elit dolor
SIEM
A subsection within the field of computer security, where software products and services combine security information management (SIM) and security event management (SEM). They provide real-time analysis of security alerts generated by applications and network hardware. -wikipedia.com
Aggregation
The consolidation of similar log entries into a single entry containing a count of the number of occurrences of the event. -nist.gov
Correlation
Finding relationships between two or more log entries. -nist.gov
Automated Alerting
Lorem ipsum dolor sit amet consectetur adipiscing elit dolor
Automated Alerting Triggers
Lorem ipsum dolor sit amet consectetur adipiscing elit dolor
Time Synchronization
Lorem ipsum dolor sit amet consectetur adipiscing elit dolor
Event Deduplication
Lorem ipsum dolor sit amet consectetur adipiscing elit dolor
Logs/WORM
Log: A record of the events occurring within an organization’s systems and networks. -nist.gov WORM: Write once read many
DLP
A strategy for making sure that end users do not send sensitive or critical information outside the corporate network. The term is also used to describe software products that help a network administrator control what data end users can transfer. -techtarget.com
USB Blocking
Lorem ipsum dolor sit amet consectetur adipiscing elit dolor
Cloud-based
Lorem ipsum dolor sit amet consectetur adipiscing elit dolor
Email
Messages distributed by electronic means from one computer user to one or more recipients via a network. -dictionary
NAC
Lorem ipsum dolor sit amet consectetur adipiscing elit dolor
Dissolvable
Lorem ipsum dolor sit amet consectetur adipiscing elit dolor
Permanent
Lorem ipsum dolor sit amet consectetur adipiscing elit dolor
Host Health Checks
Lorem ipsum dolor sit amet consectetur adipiscing elit dolor
Agent
A program acting on behalf of a person or organization. -nist.gov
Agentless
Lorem ipsum dolor sit amet consectetur adipiscing elit dolor
Mail Gateway
Lorem ipsum dolor sit amet consectetur adipiscing elit dolor
Spam Filter
Lorem ipsum dolor sit amet consectetur adipiscing elit dolor
DLP (Mail Gateway)
Lorem ipsum dolor sit amet consectetur adipiscing elit dolor
Encryption
The cryptographic transformation of data to produce ciphertext. -nist.gov
Bridge
Lorem ipsum dolor sit amet consectetur adipiscing elit dolor
SSL/TLS Accelerators
Lorem ipsum dolor sit amet consectetur adipiscing elit dolor
SSL Decryptors
Lorem ipsum dolor sit amet consectetur adipiscing elit dolor
Media Gateway
The interface between circuit switched networks and IP network. Media gateways handle analog/digital conversion, call origination and reception, and quality improvement functions such as compression or echo cancellation. -nist.gov
Hardware Security Module
A physical computing device that safeguards and manages cryptographic keys and provides cryptographic processing. An HSM is or contains a cryptographic module. -nist.gov