Create an account
anomaly based monitoring
A monitoring technique used by an IDS that creates a baseline of normal activities and compares actions against the baseline. Whenever a significant deviation from this baseline occurs an alarm is raised
The attacker sends a forged ARP packet to the source device, substituting the attacker's computer MAC address
behavior based monitoring
A monitoring technique used by an IDS that uses the normal processes and actions as the standard and compares actions against it
A separate network that rests outside the secure network perimeter; untrusted outside users can access it but cannot enter the secure network
A monitoring technique used by an IDS that uses an algorithm to determine if a threat exists
host intrusion detection system
A software-based application that runs on a local host computer that can detect an attack as it occurs
a standard network device for connecting multiple Ethernet devices together using twisted pair copper or fiber optic cables in order to make them function as a single network segment
integrated network security hardware
combine or integrate multipurpose security appliances with a traditional network device such as a switch or router
Internet content filters
monitor Internet traffic and block access to preselected Web sites and files
intrusion detection system
A device designed to be active security; it can detect an attack as it occurs
A device that can direct requests to different servers based on a variety of factors, such as the number of server connections, the server's processor utilization, and overall performance of the server
MAC address impersonation
If two devices have the same MAC address, a switch may send frames to each device; an attacker can change the MAC address on their device to match the target device's MAC address
An attacker can overflow the switch's address table with fake MAC addresses, forcing it to act like a hub, sending packets to all devices
an entry in the DNS that identifies the mail server responsible for handling that domain name
network access control
A technique that examines the current state of a system or network device before it is allowed to connect to the network
network address translation
A technique that allows private IP addresses to be used on the public Internet
network intrusion detection system
A technology that watches for attacks on the network and reports back to a central device
network intrusion prevention system
A technology that monitors network traffic to immediately react to block a malicious attack
illustrates how a network device prepares data for delivery over the network to another device, and how data is to be handled when it is received
____ is typically used on home routers that allow multiple users to share one IP address received from an Internet service provider (ISP).
port address translation
A technique that gives each packet the same IP address but a different TCP port number
A computer or an application program that intercepts a user request from the internal secure network and then processes that request on behalf of the user
any combination of hardware and software that enables remote users to access a local internal network
A computer or an application program that routes incoming requests to the correct server
rule based firewall
rules set by an administrator that tell the firewall precisely what action to take with each packet that comes through it
settings based firewall
allows the administrator to create sets of related parameters that together define one aspect of the device's operation
signature based monitoring
A monitoring technique used by an IDS that examines network traffic to look for well-known patterns and compares the activities against a predefined signature
stateful packet filtering
___ keeps a record of the state of a connection between an internal computer and an external device and then makes decisions based on the connection as well as the conditions.
stateless packet filtering
packets filtered by a firewall that looks at the incoming packet and permits or denies it based on the conditions that have been set by the administrator
A device that connects network segments and forwards only frames intended for that specific device or frames sent to all devices
an instruction that interrupts the program being executed and requests a service from the operating system
A technology that allows scattered users to be logically grouped together even though they may be attached to different switches
virtual private network
a technology to use an unsecured public network, such as the Internet, like a secure private network
Web application firewall
A special type of firewall that looks more deeply into packets that carry HTTP traffic
Web security gateway
A device that can block malicious content in "real time" as it appears (without first knowing the URL of a dangerous site)
True and False: Behavior-based monitoring attempts to overcome the limitations of both anomaly-based monitoring and signature-based monitoring by being more adaptive and proactive instead of reactive.
True or False: A basic level of security can be achieved through using the security features found in network hardware.
Please allow access to your computer’s microphone to use Voice Recording.
Having trouble? Click here for help.
We can’t access your microphone!
Click the icon above to update your browser permissions and try again
Reload the page to try again!Reload
Press Cmd-0 to reset your zoom
Press Ctrl-0 to reset your zoom
It looks like your browser might be zoomed in or out. Your browser needs to be zoomed to a normal size to record audio.
Please upgrade Flash or install Chrome
to use Voice Recording.
For more help, see our troubleshooting page.
Your microphone is muted
For help fixing this issue, see this FAQ.
Star this term
You can study starred terms together