Chapter 2
Demilitarized Zone (DMZ)
A network segment between two firewalls. Public-facing servers, such as web servers, are often placed in a DMZ. It is where you put public servers that will be accessed by people you might not otherwise trust, and it lets you hide or remove access to other areas of your network.
Virtual Private Network (VPN)
A private network connection that occurs through a public network. It provides security when connecting two LANs over the internet and generally uses L2TP, IPsec, or PPTP to secure data.
Unified Extensible Firmware Interface (UEFI)
A replacement for a BIOS with more features
Self Encrypting Device (SED)
Has a controller chip that automatically encrypts and decrypts the drive provided the proper password is used
Key Encryption Key (KEK)
The key that decrypts the MEK, allowing it to decrypt the device
Information Security Management System (ISMS)
A broad term that applies to systems that manage information security
Media Encryption Key (MEK)
The encryption key used by SEDs
Stateful Packet Inspection (SPI)
A firewall that not only examines each packet but also remembers the recent previous packets
Zones
Segments of the network with different levels of security. This helps prevent an attacker from gaining access to the entire network should one zone be breached.
Intranet
Websites only accessible through the organization's network
Software-Defined Network (SDN)
When the entire network, including all security devices, is virtualized
Extranet
When you allow an outside entity, such as a business partner or client, access to a part of your intranet