chapter 6

Created by jrt202 

Upgrade to
remove ads

70 terms

32

IP addresses are ____-bit addresses.

all in one network security appliance

Network hardware that provides multiple security functions

anomaly based monitoring

A monitoring technique used by an IDS that creates a baseline of normal activities and compares actions against the baseline. Whenever a significant deviation from this baseline occurs an alarm is raised

ARP poisoning

The attacker sends a forged ARP packet to the source device, substituting the attacker's computer MAC address

Baseline

A reference set of data against which operational data is compared

behavior based monitoring

A monitoring technique used by an IDS that uses the normal processes and actions as the standard and compares actions against it

broadcast

frames sent to all devices

cache

temporary storage area

Core switches

reside at the top of the hierarchy and carry traffic between switches

demilitarized zone

A separate network that rests outside the secure network perimeter; untrusted outside users can access it but cannot enter the secure network

endpoint

A(n) ____ is the end of the tunnel between VPN devices.

false positives

alarms that are raised when there is no actual abnormal behavior

Firewall

What is another name for a packet filter?

heuristic monitoring

A monitoring technique used by an IDS that uses an algorithm to determine if a threat exists

host based software firewall

a program that is run on a local system to filter traffic

host intrusion detection system

A software-based application that runs on a local host computer that can detect an attack as it occurs

hub

a standard network device for connecting multiple Ethernet devices together using twisted pair copper or fiber optic cables in order to make them function as a single network segment

integrated network security hardware

combine or integrate multipurpose security appliances with a traditional network device such as a switch or router

Internet content filters

monitor Internet traffic and block access to preselected Web sites and files

intrusion detection system

A device designed to be active security; it can detect an attack as it occurs

IP spraying

Load balancing that is used for distributing HTTP requests received through port 80

Layer 4-7 router

A hardware load balancer

load balancer

A device that can direct requests to different servers based on a variety of factors, such as the number of server connections, the server's processor utilization, and overall performance of the server

load balancing

a technology that can help to evenly distribute work across a network

MAC address impersonation

If two devices have the same MAC address, a switch may send frames to each device; an attacker can change the MAC address on their device to match the target device's MAC address

MAC flooding

An attacker can overflow the switch's address table with fake MAC addresses, forcing it to act like a hub, sending packets to all devices

MX record

an entry in the DNS that identifies the mail server responsible for handling that domain name

Network

Layer 3 of the OSI model is the ____ layer.

network access control

A technique that examines the current state of a system or network device before it is allowed to connect to the network

network address translation

A technique that allows private IP addresses to be used on the public Internet

network intrusion detection system

A technology that watches for attacks on the network and reports back to a central device

network intrusion prevention system

A technology that monitors network traffic to immediately react to block a malicious attack

network tap

a separate device that can be installed between two network devices to monitor traffic

OSI model

illustrates how a network device prepares data for delivery over the network to another device, and how data is to be handled when it is received

PAT

____ is typically used on home routers that allow multiple users to share one IP address received from an Internet service provider (ISP).

port address translation

A technique that gives each packet the same IP address but a different TCP port number

Port mirroring

An attacker connects his device to the switch's mirror port

Post Office Protocol

responsible for handling incoming mail on port 110

Private IP address

IP addresses that are not assigned to any specific user or organization

proxy server

A computer or an application program that intercepts a user request from the internal secure network and then processes that request on behalf of the user

remote access

any combination of hardware and software that enables remote users to access a local internal network

reverse proxy

A computer or an application program that routes incoming requests to the correct server

router

A device that can forward packets across computer networks

rule based firewall

rules set by an administrator that tell the firewall precisely what action to take with each packet that comes through it

Session

Layer 5 of the OSI model is the ____ layer.

settings based firewall

allows the administrator to create sets of related parameters that together define one aspect of the device's operation

signature based monitoring

A monitoring technique used by an IDS that examines network traffic to look for well-known patterns and compares the activities against a predefined signature

Simple Mail Transfer Protocol

handles outgoing mail on port 25

site to site VPN

multiple sites can connect to other sites over the internet

stateful packet filtering

___ keeps a record of the state of a connection between an internal computer and an external device and then makes decisions based on the connection as well as the conditions.

stateless packet filtering

packets filtered by a firewall that looks at the incoming packet and permits or denies it based on the conditions that have been set by the administrator

stateless packet filtering

A firewall using ____ is the most secure type of firewall

Subnet Addressing

Allows an IP address to be split anywhere within its 32 bits

subnetting

A technique that uses IP addresses to divide a network into network, subnet and host

switch

A device that connects network segments and forwards only frames intended for that specific device or frames sent to all devices

system call

an instruction that interrupts the program being executed and requests a service from the operating system

unicast

frames intended for a specific device

virtual LAN

A technology that allows scattered users to be logically grouped together even though they may be attached to different switches

virtual private dial up network

a user-to-LAN connection used by remote users

virtual private network

a technology to use an unsecured public network, such as the Internet, like a secure private network

VPN

A(n) ____ encrypts all data that is transmitted between the remote device and the network.

VPN concentrator

A device that aggregates hundreds or thousands of VPN connections

Web application firewall

A special type of firewall that looks more deeply into packets that carry HTTP traffic

Web security gateway

A device that can block malicious content in "real time" as it appears (without first knowing the URL of a dangerous site)

workgroup switches

connected directly to the devices on the network

FALSE

True or False: Workgroup switches must work faster than core switches.

FALSE

True or False: The OSI model breaks networking steps down into a series of six layers.

TRUE

True and False: Behavior-based monitoring attempts to overcome the limitations of both anomaly-based monitoring and signature-based monitoring by being more adaptive and proactive instead of reactive.

TRUE

True or False: A basic level of security can be achieved through using the security features found in network hardware.

TRUE

True or False: Security is enhanced by subnetting a single network into multiple smaller subnets in order to isolate groups of hosts.

Please allow access to your computer’s microphone to use Voice Recording.

Having trouble? Click here for help.

We can’t access your microphone!

Click the icon above to update your browser permissions above and try again

Example:

Reload the page to try again!

Reload

Press Cmd-0 to reset your zoom

Press Ctrl-0 to reset your zoom

It looks like your browser might be zoomed in or out. Your browser needs to be zoomed to a normal size to record audio.

Please upgrade Flash or install Chrome
to use Voice Recording.

For more help, see our troubleshooting page.

Your microphone is muted

For help fixing this issue, see this FAQ.

Star this term

You can study starred terms together

NEW! Voice Recording

Create Set