Corporate Computer and Network Security Ch 4,5,6
About this set
Created by:
marcturpin on October 14, 2011
38 terms
Terms | Definitions |
|---|---|
Cryptographic system standard | A standard for a particular type of cryptographic system |
Handshaking stages | In cryptographic systems, a set of three stages that takes place before ongoing communication: negotiating security methods and options, initial authentication, and key |
VPN | Cryptographic system that provides secure communication over an untrusted network |
host-to-host VPN | VPN that links two hosts |
VPN Gateway | Host at a site boundary that terminates host-to-host and remote access VPNs |
Site-to-site VPN | VPN that links two sites |
SSL | Cryptographic system standard for communication between a browser and a host or a browser and an SSL/TLS gateway |
TLS | Transport layer security |
IPsec | A family of cryptographic system standards created by the IETF for security at the internet layer. Provides transparent protection to everything in the data field of a packet. |
IPsec gateways | A site gateway that terminates IPsec tunnel mode operation |
Security association | In IPsec, an agreement about what security methods and options two hosts or two IPsec gateways will use |
IPsec policy servers | Servers that push a list of suitable policies to individual IPsec gateway servers or hosts |
MultiProtocol Label Switching | A protocol for increasing the efficiency of routed networks by determining the transmission path of all packets between two points before a conversation begins between those two points. Routes are hidden from subscribers, providing security by obscurity |
Central authentication server | Maintains a central authentication database and checks credentials for many authenticators |
Authenticator | Device to which a computer attaches to get network access. Usually a switch or an access point |
Extensible Authentication Protocol | Protocol to govern the specifics of authentication interactions |
Evil twin access points | A PC that has software to allow it to masquerade as an access point. Executes a MITM attack against the wireless client and a legitimate access point |
Rogue access points | Unauthorized access point, usually having no security |
Access Control | The policy-driven control of access to systems, data, and dialogues |
Two-factor authentication | Requiring a supplicant to supply two sets of authentication credentials |
Multifactor authentication | Requiring a supplicant to supply two or more sets of authentication credentials. |
Role-based access control | Giving access to people based on their organizational roles |
Single point of entry | An element of the architecture at which an attacker can do a great deal of damage by compromising a single system |
Piggybacking | Following someone through a secure door without entering a passcode |
Public Key infrastructure | Technology and organization needed for digital certs and public key processes |
Provisioning | Providing access credentials |
Prime Authentication problem | Checking a person's human credentials before giving access credentials |
Principle of least permissions | Principle that each person should only get the permissions that he or she absolutely needs to do his/her job |
Federated identity management | System in which two companies can pass identity assertions to each other without allowing the other to access internal data |
Stateful packet inspection | Firewall filtering based on the state of the connection |
Access control lists | List of rules for allowing or not allowing access |
Network address translation | Process of hiding internal IP addresses and port numbers to thwart sniffers |
Application proxy firewalls | Firewall that examines the content of application messages and provides other protections |
Intrusion detection system | System that reads network traffic to find suspicious packets |
Deep packet inspection | Inspecting all layer content in a packet |
Unified threat management firewalls | Combines traditional firewall filtering with antivirus protection and other protections |
Demilitarized zone | Subnet that contains all of the servers and application proxy firewalls that must be accessible to the outside world |
Central firewall management system | System that pushes filtering rules out to individual firewalls based on firewall policies |