Google Cybersecurity 3
Data Packet
A basic unit of information that travels from one device to another within a network
Stateful
A class of firewall that keeps track of information passing through it and proactively filters out threats
Stateless
A class of firewall that operates based on predefined rules and that does not keep track of information from data packets
Botnet
A collection of computers infected by malware that are under the control of a single threat actor
Cloud network
A collection of servers or computers that stores resources and data in remote data centers that can be accessed via the internet
tcpdump
A command-line protocol analyzer. Administrators use it to capture packets.
User Datagram Protocol (UDP)
A connectionless protocol that does not establish a connection between devices before transmissions.
Modem
A device that connects your router to the internet and brings internet access to the LAN
Switch
A device that makes connections between specific devices on a network by sending and receiving data between them
Baseline configuration (baseline image)
A documented set of specifications within a system that is used as a basis for future builds, releases, and updates
Port Filtering
A firewall function that blocks or allows certain port numbers to limit unwanted communication
TCP/IP Model
A framework used to visualize how data is organized and transmitted across the network
Replay Attack
A network attack performed when a malicious actor intercepts a data packet in transit and delays it or repeats it at another time
IP spoofing
A network attack performed when an attacker changes the source IP of a data packet to impersonate an authorized system and gain access to a network
Smurf Attack
A network attack performed when an attacker sniffs an authorized user's IP address and floods it with ICMP packets
Hub
A network device that broadcasts information to every device on the network
Router
A network device that connects multiple networks together
Hypertext Transfer Protocol Secure (HTTPS)
A network protocol that provides a secure method of communication between clients and servers
Domain Name System (DNS)
A network protocol that translates internet domain names into IP addresses
Simple Network Management Protocol (SNMP)
A network protocol used for monitoring and managing devices on a network
Address Resolution Protocol (ARP)
A network protocol used to determine the MAC address of the next router or device on the path
Firewall
A network security device that monitors traffic to or from your network
Virtual Private Network (VPN)
A network security service that changes your public IP address and masks your virtual location so that you can keep your data private when you are using a public network like the internet.
Wide Area Network (WAN)
A network that spans a large geographic area such as a city, state, or country
Local Area Network (LAN)
A network that spans an area like an office building, a school, or a home
Encapsulation
A process performed by a VPN service that protects your data by wrapping sensitive data in other data packets
Secure File Transfer Protocol (SFTP)
A secure protocol used to transfer files from one device to another over a network
Multi-factor authentication
A security measure which requires a user to verify their identity in two or more ways to access a system or network.
Network Segmentation
A security technique that divides the network into segments
Security Zone
A segment of a network that protects the internal network from the internet
Proxy Server
A server that fulfills the requests of its clients by forwarding them to other servers
Network Protocols
A set of rules used by two or more devices on a network to describe the order of delivery and the structure of the data.
IEEE 802.11 (Wi-Fi)
A set of standards that define communication for wireless LANs
Internet Protocol (IP)
A set of standards used for routing and addressing data packets as they travel between devices on a network
Penetration Test
A simulated attack that helps identify vulnerabilities in systems, networks, websites, applications, and processes
Patch update
A software and operating system update that addresses security vulnerabilities within a program or product
Port
A software-based location that organizes the sending and receiving of data between devices on a network.
Open systems interconnection (OSI) model
A standardized concept that describes the seven layers computers use to communicate and send data over the network.
Controlled Zone
A subnet that protects the internal network from the uncontrolled zone
Ping of Death
A type of DoS attack caused when a hacker pings a system by sending it an oversized ICMP packet that is bigger than 64KB
Internet Control Message Protocol (ICMP) Flood
A type of DoS attack performed by an attacker repeatedly sending ICMP request packets to a network server
SYN (synchronize) Flood Attack
A type of DoS attack that simulates a TCP connection and floods a server with SYN packets.
Active Packet Sniffing
A type of attack where data packets are manipulated in transit
Passive Packet Sniffing
A type of attack where data packets are read in transit
Distributed Denial of Service attack (DDoS)
A type of denial of service attack that uses multiple devices or servers in different locations to flood the target network with unwanted traffic
Media Access Control (MAC) address
A unique alphanumeric identifier that is assigned to each physical device on a network.
Internet Protocol (IP) Address
A unique string of characters that identifies the location of a device on the internet
Wired Equivalent Privacy (WEP)
A wireless security protocol designed to provide users with the same level of privacy on wireless network connections as they have on wired network connections.
Wi-Fi Protected Access (WPA)
A wireless security protocol for devices to connect to the internet
Attack Surface
All the potential vulnerabilities that a threat actor could exploit
Telnet
An application layer protocol that allows a device to communicate with another device or server.
Dynamic Host Configuration Protocol (DHCP)
An application layer protocol used on a network to configure devices
Post Office Protocol (POP)
An application layer protocol used to manage and retrieve email from a mail server
Denial of Service Attack (DoS)
An attack that targets a network or server and floods it with network traffic
On-path attack
An attack where a malicious actor places themselves in the middle of an authorized connection and intercepts or alters the data in transit
Transmission Control Protocol (TCP)
An internet communication protocol that allows two devices to form a connection and stream data
Uncontrolled Zone
Any network outside your organization's control
Physical Layer
Corresponds to the physical hardware involved in network transmission. Hubs, modems, and the cables and wiring that connect them are all considered part of the physical layer.
Session Layer
Describes when a connection is established between two devices. Allows the devices to communicate with each other.
Port 25
Email (SMTP)
Network
Group of connected devices
Transport Layer (OSI)
Is responsible for delivering data between devices. This layer also handles the speed of data transfer, flow of the transfer, and breaking data down into smaller segments to make them easier to transport.
Port 20
Large file transfers
Data Link Layer
Organizes sending and receiving data packets within a single network. Is home to switches on the local network and network interface cards on local devices.
Network Layer
Oversees receiving the frames from the data link layer (layer 2) and delivers them to the intended destination.
Virtualization Tools
Pieces of software that perform network operations
Software as a Service (SaaS)
Refers to software suites operated by the CSP that a company can use remotely without hosting the software.
Infrastructure as a Service (IaaS)
Refers to the use of virtual computer components offered by the CSP.
Platform as a Service (PaaS)
Refers to tools that application developers can use to design custom applications for their company.
Forward Proxy Server
Regulates and restricts a person's access to the internet.
Reverse Proxy Server
Regulates and restricts the internet's access to an internal server
Port 443
Secure internet communication
Internet Control Message Protocol (ICMP)
Shares error information and status updates of data packets. This is useful for detecting and troubleshooting network errors.
Cloud-based firewalls
Software firewalls that are hosted by the cloud service provider
Protocol: IMAP
TCP Port 143 (unencrypted); TCP Port 995 (encrypted, SSL/TLS)
Protocol: SSH
TCP Port 22
Protocol: Telnet
TCP Port 23
Transport Layer
TCP/IP model layer that includes protocols to control the flow of traffic across a network.
Network Access Layer
TCP/IP model layer that deals with creation of data packets and their transmission across a network.
Internet Layer
TCP/IP model layer that is where IP addresses are attached to data packets to indicate the location of the sender and receiver. It also focuses on how networks connect to each other.
Application Layer
TCP/IP model layer where protocols determine how the data packets will interact with receiving devices.
Protocol: POP3
TCP/UDP Port 110 (unencrypted); TCP/UDP Port 997 (encrypted, SSL/TLS)
Protocol: SMTP
TCP/UDP Port 587 (encrypted, TLS)
Bandwidth
The amount of data a device receives every second
Packet Sniffing
The practice of capturing and inspecting data packets across a network
Cloud Computing
The practice of using remote servers, applications, and network services that are hosted on the internet instead of on local physical devices
Network log analysis
The process of examining network logs to identify events of interest
Security Hardening
The process of strengthening a system to reduce its vulnerabilities and attack surface
Speed
The rate at which data packets are received or downloaded
Subnetting
The subdivision of a network into logical groups called subnets.
Presentation Layer
This layer adds to and replaces data with formats that can be understood by applications (layer 7) on both sending and receiving systems.
Application Layer (OSI)
This layer includes all of the networking protocols that software applications use to connect a user to the internet.
Protocol: DHCP
UDP Port 67 (Servers); UDP Port 68 (Clients)
Internet Message Access Protocol (IMAP)
Used for incoming emails
Secure Shell (SSH)
Used to create a secure connection with a remote system
Simple Mail Transfer Protocol (SMTP)
Used to transmit and route email from the sender to the recipient's address.