Chapter 3 Security+: Understanding Devices & Infrastructure

Ace your homework & exams now with Quizwiz!

switch

A network device that can replace a router or hub in a local network and get data from a source to a destination. Allows for higher speeds.

Alarm

A notification that an unusual condition exists and should be investigated

Application-level proxy

A device or software that recognizes application-specific commands and offers granular control over them

Clustering

A method of balancing loads and providing fault tolerance.

Active Response

A response generated in real time

Hardware Security Module (HSM)

A software or appliance stand-alone used to enhance security and commonly used with PKI systems.

Access Control List (ACL)

A table or data file that specifies whether a user or group has access to a specific resource on a computer or network

Alert

An indication that an unusual condition could exist and should be investigated.

Data Loss Prevention (DLP)

Any systems that identify, monitor, and protect data prevent it from unauthorized use, modification, destruction, egress, or exfiltration from a location

Anomaly-Detection Intrusion Detection System (AD-IDS)

Looks for deviations from a pattern of normal network traffic

Access Point (AP)

The point at which acres to a network is accomplished.

load balancing

dividing a load for greater efficiency of management among multiple devices.

stateful inspection

inspections that occur at all levels of the network and provide additional security using a state table that tracks every communications channel.

Authentication Header (AH)

An IPSec header used to provide connectionless integrity and data origin authentication for IP datagrams and to provide protection against replays

All-in-one-appliance

An appliance that performs multiple functions

Appliance

Freestanding device that operates in a largely self-contained manner

Compensating controls

Gap controls that fill in the coverage between other types of vulnerability mitigation techniques (where there are holes in coverage, we compensate for them).

Encapsulating Security Payload (ESP)

IPSec header used to provide a mix of security services in IPv4 and IPv6. ESP can be used alone or in combination with the IP Authentication Headers

Analyzer

The component or process that analyzes the data collected by the sensor

Anomalies

Variations from normal operations

firewall

a combination of hardware & software filters place between trusted and untrusted networks intended to protect a network from attack by hackers who could gain access through public networks, including the Internet.

implicit deny

a condition that states that unless otherwise given, the permission will be denied.

false positive

a flagged event that isn't really an event and has been falsely triggered

passive response

a nonactive response, such as logging. most common response to many intrusions.

secure sockets layer (SSL)

a protocol that secures messages by operating between the Application layer (HTTP) and the Transport layer.

proxy firewall

a proxy server that also acts as a firewall, blocking network access from external networks.

signature-based system

a system that acts based on the digital signature it sees and offers no repudiation to increase the integrity of a message.

proxy server

a type of server that makes a single internet connection and services requests on behalf of many users

proxy

a type of system that prevents direct communication between a client and a host by acting as an intermediary.

SSID broadcast

an access point's broadcasting of the network name

network-based IDS (NIDS)

an approach to an intrusion detection system (IDS); it attaches the system to a point in the network where it can monitor and report on all network traffic.

false negative

an event that should be flagged but isn't

host-based IDS (HIDS)

an intrusion detection system that is host based.

network intrusion prevention system (NIPS)

an intrusion prevention system that is network based

encapsulation

process of enclosing data in a packet

Internet Protocol Security (IPSec)

set of protocols that enable encryption, authentication, and integrity over IP.

SIEM (security information and event management)

software that combines security information management (SIM) and security even management (SEM) functions to provide real-time analysis of security alerts.

key management

the management of all aspects of cryptographic keys in a cryptosystem, including key generation, exchange, storage, use, destruction and replacement.

network access control (NAC)

the set of standards defined by the network for clients attempting to access it. usually requires clients for be virus free and adhere to specified policies.

intrusion detection system (IDS)

tools that identify attacks using defined rules or logic and are considered passive

intrusion prevention systems (IPS)

tools that respond to attacks using defined rules or logic and are considered active.


Related study sets

Fruits and Types of Inflorescence

View Set

RN Targeted Medical Surgical Neurosensory and Musculoskeletal 2019

View Set

Med Surg Prep U Chapter 23: Caring for Clients with Infectious and Inflammatory Disorders of the Heart and Blood Vessels - ML5

View Set

Five Steps of the scientific method

View Set

FRENCH 1001 ORAL QUESTIONS Horizons

View Set

MGMT 102 - Chapter 20 Corporations - Organization and Capital Stock

View Set

Peds - Ch 25 Growth and Development of the Newborn and Infant

View Set