Network Security Final Review

Ace your homework & exams now with Quizwiz!

deployment multiple subnets in series to separate private resources from public. This is known as an N-tier deployment.

Defense in Depth

Firewall rule that assumes that all traffic is potentially malicious or at least unwanted or unauthorized; everything is prohibited by default

Deny-by-Default

supports multiple layers of security, such as IDS or IPS

Diversity of Defense

This version of NAT maps an unregistered IP address to a registered IP address from a group of registered IP addresses.

Dynamic NAT

Which of the following is a core Internet Protocol Security (IPSec) protocol that provides encryption only, both encryption and integrity protection, or integrity protection only in all but the oldest IPSec implementations?

ESP

- the VPN termination point - the VPN link exists only over the public internet (not within the private LAN). - ensures that a firewall can filter the traffic exiting the VPN to move into the LAN

Edge Router

Which of the following can perform authentication to provide integrity protection, although not for the outermost IP header?

Encapsulating Security Payload (ESP)

Security failures should fail into a state that supports or maintains essential security protections

Failsafe

What is the first step in deploying a firewall?

Firewall Policy

ensuring that everyone abides by security limitations. Potentially, users have many ways to purposefully violate security

Forced Universal Participation

- most common type of VPN deployed. - more scalable - can create some security issues, due to possible vulnerabilities in the VPN software code on the appliance.

Hardware VPN

VPN that establishes a secure VPN over trusted VPN connections.

Hybrid VPN

a protocol that helps us to protect IP traffic on the network layer (layer 3).

IPsec

Which of the following statements is TRUE of an Internet Protocol Security (IPSec) virtual private network (VPN) when compared to a Secure Sockets Layer/Transport Layer Security (SSL/TLS) VPN?

It requires client software.

Developed by Cisco, used for the "tunneling" of link protocols

Layer 2 Forwarding (L2F)

Created with an agreement to Microsoft and Cisco, allows the "tunneling" of PPP traffic on serveral network.

Layer 2 Forwarding Protocol (L2TP)

Virtual private networks (VPNs) and which standard have historically suffered from conflicts when used together?

NAT

Which of the following BEST describes a technology with inherent security risks and that can reveal information a user did NOT intend to share?

P2P

Developped by Microsoft, is a Point to Point Protocol (PPP) extension that encapsulates IP, IPX, NetBEUI into IP packets

Point to Point Tunneling Protocol (PPTP)

firewall, proxy, and routing service that can receive a resource request on an interface at one port, then forward the request to another address on the same or different port

Port Forwarding

•proprietary protocol developed by Microsoft which provides a user with a GUI to connect to another computer over a network connection.

RDP(remote desktop protocol)

•Also known as host-to-site VPN •Supports single-host VPN connections into a LAN site

Remote Access

a firewall service that allows external users access to internally hosted web resources.

Reverse Proxy

A method for secure remote login and other secure network services over a public network such as the Internet

SSH (Secure Shell)

◦Can be used for tunneling the entire network traffic or to make it secure a individual connection

SSL/TLS

Encryption ensures privacy even over public networks, such as the Internet.

Secured VPN

the process that any information system is secure as long as security vulnerabilities remain hidden

Security through Obscurity (StO)

•Also known as LAN-to-LAN VPNs or WAN VPN connections between LANs •Supports secure connections between LANs over intermediary public networks •Can be an inexpensive mechanism to create a single distributed LAN

Site-to-Site VPN

type of VPN used in used in smaller companies less scalable and less stable, and are open source

Software VPN

______________ is a computer networking concept which allows a user to access dissimilar security domains like a public network (e.g., the Internet) and a local LAN at the same time

Split Tunneling

Analisa uses her virtual private network (VPN) connection to simultaneously connect to the office LAN and her personal computer at home. What security risk does this pose?

Split-Tunneling

- This version of NAT maps an unregistered IP address on the private network to a registered IP address on the public network on a one-to-one basis. - This is used when the translated device must be accessible from the public network

Static NAT

Which of the following is a protocol that supports Advanced Encryption Standard (AES) with 128, 192, and 256 keys?

TLS

___________ mode encryption protects only the original IP packet's payload.

Transport

The primary organization owns all of the network infrastructure components, including

Trusted VPN

__________ mode encryption protects the entire original IP packet's header and payload.

Tunnel

la mechanism to establish a secure remote access connection across the Internet

VPN

specifically handles the load of a VPN

VPN Appliance

A combination of tools and processes that allow you to reduce risk in your computing environment

Vulnerability Management

la combination of tools and processes that allow you to reduce risk in your computing environment, including VPN-connected systems and networks.

Vulnerability Management

__________________'s are a single standalone device with all the necessary security functions needed to run a VPN connection.

•Hardware VPNs

use select protocols to connect a piece of client software to a VPN server.

•Software VPNs

Assumes that most traffic is benign; everything is allowed by default

Allow-by-Default

Virtual private networks (VPNs) allow external entities to connect to and interact with a private network. What does identity verification require?

Authentication

Which of the following provides integrity protection for packet headers and data and can optionally provide replay protection and access protection?

Authentication Header

•Keeping a spare VPN product on your shelf, configured and ready to go live in the event of a failure

Built-in-Redundancy

•The pathway can be used to control bandwidth consumption, filter content, provide authentication services, or enforce authorization •Forces traffic, communications, and activities through a single pathway or channel

Chokepoint

- the traffic entering or leaving the VPN does not pass through the filtering restrictions of the firewall. - Instead, the firewall just serves as a entering point for the VPN tunnel endpoint.

Corporate Firewall


Related study sets

Business and Finance Study Guide for Exam: 2021

View Set

MEGA/MOCA exam flash cards mild/moderate cross categorical special education

View Set

PLS Quiz Final - Week 4: Microsoft Access

View Set

Chapter 7 Managerial Accounting 202 Activity based costing: A tool to aid decision making

View Set

2nd Industrial Revolution, 2nd Hour, U.S History

View Set

CHAPTER 42 EAQ - STUDY QUESTIONS

View Set

Ch. 14; HR: Employment Discrimination

View Set

Cartas sobre la ley y la gracia: Romanos y Galatas

View Set