Devices and Infrastructure

Security Zones

Network Security Solutions

DMZ

Firewalls

Firewall Features

100

Is a Private Network (LAN) that employs internet information services for internal use only.

What is Intranet

100

Is a type of firewall that stands as an intermediary between clients requesting resources from other servers.

What is a proxy server

100

Any host that is exposed to attack and that has been hardened against those attacks.

What is a bastion/sacrificial host

100

Makes decisions about which network traffic to allow by examining information in the IP packet header.

What is Stateless

100

Feature helps prevent attackers from discovering your network through ICMP Echo.

What is block ping to WAN

200

Is a Public Network.

What is the internet

200

Is software used to monitor and restrict content.

What is Internet content filter

200

Is the router that is most external to your network and closest to the internet.

What is screening router

200

Makes decisions about which traffic to allow based on sessions.

What is Stateful

200

Feature prevents the response to port scans from the WAN

What is Stealth Mode

300

Is privately controlled and is located between the internet and private LAN

What is Extranet

300

Controls access to the network by not allowing computer to access network resources unless they meet certain redefined security requirements

What is Network Access Control

300

Is a firewall device that typically has three network interfaces.

What is a dual-homed gateway

300

Protects your network from SYN attacks

What is TCP Flood

300

Feature helps prevent ____ flood attacked by metering the number of simultaneous.

What is UDP Flood

400

Uses a WAP to connect to the network

What is wireless

400

Combine many security functions into a single device.

What is All-in-one security appliances

400

Resides within the DMZ, requiring users to authenticate in order to access resources.

What is screened-host gateway

400

To help prevent ping floods.

What is Echo Storm Detect Rate

400

This feature can silently block the sending of this notifications.

What is ICMP Notification

500

Contains publicly accessible resources.

What is DMZ

500

Device that has the ability to analyze and mange network traffic based on the Application layer protocol that created it.

What is Application-aware devices.

500

Uses two firewalls

What is Screened subnet

500

To help prevent SYN floods

What is SYN flood Detect Rate

500

This feature monitors non-ping ICMP packets.

What is ICMP Flood Detect Rate