Google Cybersecurity 3

Data Packet

A basic unit of information that travels from one device to another within a network

Stateful

A class of firewall that keeps track of information passing through it and proactively filters out threats

Stateless

A class of firewall that operates based on predefined rules and that does not keep track of information from data packets

Botnet

A collection of computers infected by malware that are under the control of a single threat actor

Cloud network

A collection of servers or computers that stores resources and data in remote data centers that can be accessed via the internet

tcpdump

A command-line protocol analyzer. Administrators use it to capture packets.

User Datagram Protocol (UDP)

A connectionless protocol that does not establish a connection between devices before transmissions.

Modem

A device that connects your router to the internet and bring internet access to the LAN

Switch

A device that makes connections between specific devices on a network by sending and receiving data between them

Baseline configuration (baseline image)

A documented set of specifications within a system that is used as a basis for future builds, releases, and updates

Port Filtering

A firewall function that blocks or allows certain port numbers to limit unwanted communication

TCP/IP Model

A framework used to visualize how data is organized and transmitted across the network

Replay Attack

A network attack performed when a malicious actor intercepts a data packet in transit and delays it or repeats it at another time

IP spoofing

A network attack performed when an attacker changes the source IP of a data packet to impersonate an authorized system and gain access to a network

Smurf Attack

A network attack performed when an attacker sniffs an authorized user's IP address and floods it with ICMP packets

Hub

A network device that broadcasts information to every device on the network

Router

A network device that connects multiple networks together

Hypertext Transfer Protocol Secure (HTTPS)

A network protocol that provides a secure method of communication between clients and servers

Domain Name System (DNS)

A network protocol that translates internet domain names into IP addresses

Simple Network Management Protocol (SNMP)

A network protocol used for monitoring and managing devices on a network

Address Resolution Protocol (ARP)

A network protocol used to determine the MAC address of the next router or device on the path

Firewall

A network security device that monitors traffic to or from your network

Virtual Private Network (VPN)

A network security service that changes your public IP address and masks your virtual location so that you can keep your data private when you are using a public network like the internet.

Wide Area Network (WAN)

A network that spans a large geographic area such as a city, state, or country

Local Area Network (LAN)

A network that spans area like an office building, a school, or a home

Encapsulation

A process performed by a VPN service that protects your data by wrapping sensitive data in other data packets

Secure File Transfer Protocol (SFTP)

A secure protocol used to transfer files from one device to another over a network

Multi-factor authentication

A security measure which requires a user to verify their identity in two or more ways to access a system or network.

Network Segmentation

A security technique that divides the network into segments

Security Zone

A segment of a network that protects the internal network from the internet

Proxy Server

A server that fulfills the requests of its clients by forwarding them to other servers

Network Protocols

A set of rules used by two or more devices on a network to describe the order of delivery and the structure of the data.

IEEE 802.11 (Wi-Fi)

A set of standards that define communication for wireless LANs

Internet Protocol (IP)

A set of standards used for routing and addressing data packets as they travel between devices on a network

Penetration Test

A simulated attack that helps identify vulnerabilities in systems, networks, websites, applications, and processes

Patch update

A software and operating system update that addresses security vulnerabilities within a program or product

Port

A software-based location that organizes the sending and receiving of data between devices on a network.

Open systems interconnection (OSI) model

A standardized concept that describes the seven layers computers use to communicate and send data over the network.

Controlled Zone

A subnet that protects the internal network from the uncontrolled zone

Ping of Death

A type of DoS attack caused when a hacker pings a system by sending it an oversized ICMP packet that is bigger than 64KB

Internet Control Message Protocol (ICMP) Flood

A type of DoS attack performed by an attacker repeatedly sending ICMP request packets to a network server

SYN (synchronize) Flood Attack

A type of DoS attack that simulates a TCP connection and floods a server with SYN packets.

Active Packet Sniffing

A type of attack where data packets are manipulated in transit

Passive Packet Sniffing

A type of attack where data packets are read in transit

Distributed Denial of Service attack (DDoS)

A type of denial or service attack that uses multiple devices or servers in different locations to flood the target network with unwanted traffic

Media Access Control (MAC) address

A unique alphanumeric identifier that is assigned to each physical device on a network.

Internet Protocol (IP) Address

A unique string of characters that identifies the location of a device on the internet

Wired Equivalent Privacy (WEP)

A wireless security protocol designed to provide users with the same level of privacy on wireless network connections as they have on wired network connections.

WiFi Protected Access (WPA)

A wireless security protocol for devices to connect to the internet

Attack Surface

All the potential vulnerabilities that a threat actor could exploit

Telnet

An application layer protocol that allows a device to communicate with another device or server.

Dynamic Host Configuration Protocol (DHCP)

An application layer protocol used on a network to configure devices

Post Office Protocol (POP)

An application layer protocol used to manage and retrieve email from a mail server

Denial of Service Attack (DoS)

An attack that targets a network or server and floods it with network traffic

On-path attack

An attack where a malicious actor places themselves in the middle of an authorized connection and intercepts or alters the data in transit

Transmission Control Protocol (TCP)

An internet communication protocol that allows two devices to form a connection and stream data

Uncontrolled Zone

Any network outside your organization's control

Physical Layer

Corresponds to the physical hardware involved in network transmission. Hubs, modems, and the cables and wiring that connect them are all considered part of the.

Session Layer

Describes when a connection is established between two devices. Allows the devices to communicate with each other.

Port 25

Email (SMTP)

Network

Group of connected devices

Transport Layer (OSI)

Is responsible for delivering data between devices. This layer also handles the speed of data transfer, flow of the transfer, and breaking data down into smaller segments to make them easier to transport.

Port 20

Large file transfers

Data Link Layer

Organizes sending and receiving data packets within a single network. Is home to switches on the local network and network interface cards on local devices.

Network Layer

Oversees receiving the frames from the data link layer (layer 2) and delivers them to the intended destination.

Virtualization Tools

Pieces of software that perform network operations

Software as a Service (SaaS)

Refers to software suites operated by the CSP that a company can use remotely without hosting the software.

Infrastructure as a Service (IaaS)

Refers to the use of virtual computer components offered by the CSP.

Platform as a Service (PaaS)

Refers to tools that application developers can use to design custom applications for their company.

Forward Proxy Server

Regulates and restricts a person's access to the internet.

Reverse Proxy Server

Regulates and restricts the internet's access to an internal server

Port 443

Secure internet communication

Internet Control Message Protocol (ICMP)

Shares error information and status updates of data packets. This is useful for detecting and troubleshooting network errors.

Cloud-based firewalls

Software firewalls that are hosted by the cloud service provider

Protocol: IMAP

TCP Port 143 (unencrypted) TCP Port 995 (encrypted, SSL/TLS)

Protocol: SSH

TCP Port 22

Protocol: Telnet

TCP Port 23

Transport Layer

TCP/IP model layer that Includes protocols to control the flow of traffic across a network.

Network Access Layer

TCP/IP model layer that deals with creation of data packets and their transmission across a network.

Internet Layer

TCP/IP model layer that is where IP addresses are attached to data packets to indicate the location of the sender and receiver. It also focuses on how networks connect to each other.

Application Layer

TCP/IP model layer where protocols determine how the data packets will interact with receiving devices.

Protocol: POP3

TCP/UDP Port 110 (unencrypted) TCP/UDP Port 997 (encrypted, SSL/TLS)

Protocol: SMTP

TCP/UDP Port 587 (encrypted, TLS)

Bandwidth

The amount of data a device receives every second

Packet Sniffing

The practice of capturing and inspecting data packets across a network

Cloud Computing

The practice of using remote servers, applications, and network services that are hosted on the internet instead of on local physical devices

Network log analysis

The process of examining network logs to identify events of interest

Security Hardening

The process of strengthening a system to reduce its vulnerabilities and attack surface

Speed

The rate at which data packets are received or downloaded

Subnetting

The subdivision of a network into logical groups called subnets.

Presentation Layer

This layer adds to and replaces data with formats that can be understood by applications (layer 7) on both sending and receiving systems.

Application Layer (OSI)

This layer includes all of the networking protocols that software applications use to connect a user to the internet.

Protocol: DHCP

UDP Port 67 (Servers) UDP Port 68 (Clients)

Internet Message Access Protocol (IMAP)

Used for incoming emails

Secure Shell (SSH)

Used to create a secure connection with a remote system

Simple Mail Transfer Protocol (SMTP)

Used to transmit and route email from the sender to the recipient's address.