Install and configure network components, both hardware and software-based, to support organizational security Flash Cards

Firewall

An inter-network connection device that restricts data communication traffic between two connected networks. A firewall may be either an application installed on a general-purpose computer or a dedicated platform (appliance), which forwards or rejects/drops packets on a network. Typically firewalls are used to define zone borders. Firewalls generally have rules restricting which ports are open. -NIST

ACL

A list of entities, together with their access rights, that are authorized to have access to a resource. -NIST

Application-based

The directory, which contains all the files related to a .NET application, including the executable file (.exe) that loads into the initial or default application domain. -techopedia.com

Network-based

A network-based firewall controls traffic going in and out of a network. It does this by filtering traffic based on firewall rules and allows only authorized traffic to pass through it. Most organizations include at least one network-based firewall at the boundary between their internal network and the Internet. -hacktress.com

Stateful

The computer or program keeps track of the state of interaction, usually by setting values in a storage field designated for that purpose. Stateless means there is no record of previous interactions and each interaction request has to be handled based entirely on information that comes with it. -techtarget.com

Stateless

There is no record of previous interactions and each interaction request has to be handled based entirely on information that comes with it. -Techtarget.com

Implicit Deny

When a user or group is not granted a specific permission in the security settings of an object, but is not explicitly denied either. An implicit deny only denies a permission until the user or group is allowed to perform the permission. -underthehood-autodesk.typepad.com

VPN Concentrator

A type of networking device that provides secure creation of VPN connections and delivery of messages between VPN nodes. It is a type of router device, built specifically for creating and managing VPN communication infrastructures. -techopedia.com

Remote Access

Access to an organizational information system by a user (or an information system) communicating through an external, non-organization-controlled network (e.g., the Internet). -NIST

Site-to-Site

Site-to-site VPN is a type of VPN connection that is created between two separate locations. It provides the ability to connect geographically separate locations or networks, usually over the public Internet connection or a WAN connection. -techopedia.com

IPSec

A protocol that adds security features to the standard IP protocol to provide confidentiality and integrity services. -nist.gov

Tunnel Mode

IPsec mode that creates a new IP header for each protected packet. -nist.gov

Transport Mode

IPsec mode that does not create a new IP header for each protected packet. -nist.gov

AH

A protocol and part of the Internet Protocol Security (IPsec) protocol suite, which authenticates the origin of IP packets (datagrams) and guarantees the integrity of the data. -techopedia.com

ESP

A protocol within IPSec for providing authentication, integrity and confidentiality of network packet data/payload in IPv4 and IPv6 networks. ESP provides message/payload encryption and the authentication of a payload and its origin within the IPSec protocol suite. -techopedia.com

Split Tunnel

The process of allowing a remote user or device to establish a non-remote connection with a system and simultaneously communicate via some other connection to a resource in an external network. This method of network access enables a user to access remote devices (e.g., a networked printer) at the same time as accessing uncontrolled networks. -nist.gov

Full Tunnel

A method that causes all network traffic to go through the tunnel to the organization. -nist.gov

TLS

An authentication and encryption protocol widely implemented in browsers and Web servers. HTTP traffic transmitted using TLS is known as HTTPS. -nist.gov

Always-on VPN

An always-on VPN is a selective VPN that connects an external client so they can access the internet along with company resources when the computer is not on a trusted network, which protects the company from security threats. -lynda.com

NIPS

A system used to monitor a network as well as protect the confidentiality, integrity, and availability of a network. Its main functions include protecting the network from threats, such as denial of service (DoS) and unauthorized usage. -techopedia.com

NIDS

Software that performs packet sniffing and network traffic analysis to identify suspicious activity and record relevant information. -nist.gov

Signature-based

Signatures refer to predetermined and preconfigured attack patterns/rules that identify attacks on web applications and their components. Both NIDS and NIPS can use signature-based detection, but what follows is different for both. -infosecinstitute.com

Heuristic/ Behavioral

Heuristic or Behavioral based NIPS and NIDS operate by comparing incoming traffic and packets against a pre-established baseline of normally experienced behavior for the respective organization. NIDS, being the passive system, will just detect suspicious behavior by comparing to the baseline. NIPS, which focuses on prevention, will go one step further and take some action to either stop or mitigate the potential threat. -infosecinstitute.com

Anomaly

Anomaly-based NIDS and NIPS are where a touch of artificial intelligence comes into play. What anomaly-based NIDS and NIPS do is monitor incoming traffic and ask whether the incoming traffic acts like enemy traffic. -infosecinstitute.com

Inline

Inline refers to being in between the firewall and the rest of the network environment. NIPS is considered an inline network security solution. -infosecinstitute.com

Passive

NIDS, on the other hand, is a passive network security solution. It may sit on the inner network side of a firewall, on the DMZ, or on the WAN side. -infosecinstitute.com

In-band

Everything in the network has to move through the NIPS.

Out-of-Band

Things in the network don't have to go through the NIDS.

Rules

An element that holds check references and may also hold remediation information. -nist.gov

Analytics

The systematic computational analysis of data or statistics. -dictionary

False Positive

An alert that incorrectly indicates that a vulnerability is present. -nist.gov

False Negative

An instance in which a security tool intended to detect a particular threat fails to do so. -nist.gov

Router

A computer that is a gateway between two networks at OSI layer 3 and that relays and directs data packets through that inter-network. The most common form of router operates on IP packets. -nist.gov

ACLs

A list of entities, together with their access rights, that are authorized to have access to a resource. -nist.gov

Antispoofing

Countermeasures taken to prevent the unauthorized use of legitimate identification & authentication (I&A) data, however it was obtained, to mimic a subject different from the attacker. -nist.gov

Switch

A network device that filters and forwards packets between LAN segments. -nist.gov

Port Security

A layer two traffic control feature on Cisco Catalyst switches. It enables an administrator to configure individual switch ports to allow only a specified number of source MAC addresses ingressing the port. -packetlife.net

Layer 2

Layer 2 on a switch typically deals with MAC addresses.

Layer 3

Layer 3 on a switch typically deals with IP addresses.

Loop Prevention

Lorem ipsum dolor sit amet consectetur adipiscing elit dolor

Flood Guard

A protection feature built into many firewalls that allows the administrator to tweak the tolerance for unanswered login attacks. -neokobo.blogspot.com

Proxy

An agent that acts on behalf of a requester to relay a message between a requester agent and a provider agent. The proxy appears to the provider agent Web service to be the requester. -nist.gov

Forward Proxy

An Internet-facing proxy used to retrieve data from a wide range of sources (in most cases anywhere on the Internet). -wikipedia

Reverse Proxy

Usually an internal-facing proxy used as a front-end to control and protect access to a server on a private network. -wikipedia

Transparent

(also called inline proxy, intercepting proxy, or forced proxy) is a server that sits between your computer and the Internet and redirects your requests and responses without modifying them. -expressvpn.com

Application

Application proxies must support the application for which they are performing the proxy function and do not typically encrypt data. -pearsonitcertification.com

Multipurpose

Multipurpose proxy servers, also known as universal application level gateways, are capable of running various operating systems (such as UNIX, Windows, and Macintosh) and allowing multiple protocols to pass through (such as HTTP, FTP, NNTP, SMTP, IMAP, LDAP, and DNS). -pearsonitcertification.com

Load Balancer

A piece of hardware (or virtual hardware) that acts like a reverse proxy to distribute network and/or application traffic across different servers. -radware.com

Scheduling

The manner in which a server load is shared across a server pool. There are various load balancing methods available, and each method uses a particular criterion to schedule an incoming traffic. -Techopedia.com

Affinity

Server affinity refers to the ability of a load balancer or router to send a user's request to the same server where their session was initiated. -wiki.metawerx.net

Round-Robin

Traffic is sent in a sequential, circular pattern to each node of a load balancer. -pearsonitcertification.com

Active-passive

In an active-passive configuration, the server load balancer recognizes a failed node and redirects traffic to the next available node. -techtarget.com

Active-active

In an active-active configuration, the load balancer spreads out the workload's traffic among multiple nodes. -techtarget.com

Virtual IPs

Virtual IP (VIP) is the load-balancing instance where the world points its browsers to get to a site. -doesconsulting.com

Access Point

A device that logically connects wireless client devices operating in infrastructure to one another and provides access to a distribution system, if connected, which is typically an organization’s enterprise wired network. -nist.gov

SSID

A name assigned to a wireless access point that allows stations to distinguish one wireless access point from another. -nist.gov

MAC Filtering

MAC Filtering refers to a security access control method whereby the MAC address assigned to each network card is used to determine access to the network. -wikipedia

Signal Strength

The magnitude of an electric field at a reference point, which is located at a significant distance from the transmitting antenna. -techopedia.com

Band Selection/ Width

Most access point devices allow the administrator to configure the Wi-Fi band that the access point will use. A well-planned network will have the band selection/width for its access point that works best for its needs. Width is defined by the frequency of the band. -infosecinstitute.com

Antenna Types and Placement

Omnidirectional antenna, directional antenna, and parabolic antenna are types of antenna.

Fat (access point)

Lorem ipsum dolor sit amet consectetur adipiscing elit dolor

Thin (access point)

Lorem ipsum dolor sit amet consectetur adipiscing elit dolor

Controller-based

Lorem ipsum dolor sit amet consectetur adipiscing elit dolor

Standalone

Lorem ipsum dolor sit amet consectetur adipiscing elit dolor

SIEM

A subsection within the field of computer security, where software products and services combine security information management (SIM) and security event management (SEM). They provide real-time analysis of security alerts generated by applications and network hardware. -wikipedia.com

Aggregation

The consolidation of similar log entries into a single entry containing a count of the number of occurrences of the event. -nist.gov

Correlation

Finding relationships between two or more log entries. -nist.gov

Automated Alerting

Lorem ipsum dolor sit amet consectetur adipiscing elit dolor

Automated Alerting Triggers

Lorem ipsum dolor sit amet consectetur adipiscing elit dolor

Time Synchronization

Lorem ipsum dolor sit amet consectetur adipiscing elit dolor

Event Deduplication

Lorem ipsum dolor sit amet consectetur adipiscing elit dolor

Logs/WORM

Log: A record of the events occurring within an organization’s systems and networks. -nist.gov
WORM: Write once read many

DLP

A strategy for making sure that end users do not send sensitive or critical information outside the corporate network. The term is also used to describe software products that help a network administrator control what data end users can transfer. -techtarget.com

USB Blocking

Lorem ipsum dolor sit amet consectetur adipiscing elit dolor

Cloud-based

Lorem ipsum dolor sit amet consectetur adipiscing elit dolor

Email

Messages distributed by electronic means from one computer user to one or more recipients via a network. -dictionary

NAC

Lorem ipsum dolor sit amet consectetur adipiscing elit dolor

Dissolvable

Lorem ipsum dolor sit amet consectetur adipiscing elit dolor

Permanent

Lorem ipsum dolor sit amet consectetur adipiscing elit dolor

Host Health Checks

Lorem ipsum dolor sit amet consectetur adipiscing elit dolor

Agent

A program acting on behalf of a person or organization. -nist.gov

Agentless

Lorem ipsum dolor sit amet consectetur adipiscing elit dolor

Mail Gateway

Lorem ipsum dolor sit amet consectetur adipiscing elit dolor

Spam Filter

Lorem ipsum dolor sit amet consectetur adipiscing elit dolor

DLP (Mail Gateway)

Lorem ipsum dolor sit amet consectetur adipiscing elit dolor

Encryption

The cryptographic transformation of data to produce ciphertext. -nist.gov

Bridge

Lorem ipsum dolor sit amet consectetur adipiscing elit dolor

SSL/TLS Accelerators

Lorem ipsum dolor sit amet consectetur adipiscing elit dolor

SSL Decryptors

Lorem ipsum dolor sit amet consectetur adipiscing elit dolor

Media Gateway

The interface between circuit switched networks and IP network. Media gateways handle analog/digital conversion, call origination and reception, and quality improvement functions such as compression or echo cancellation. -nist.gov

Hardware Security Module

A physical computing device that safeguards and manages cryptographic keys and provides cryptographic processing. An HSM is or contains a cryptographic module. -nist.gov