Network Security Devices
Secure Admin Principles
Network Design Security
Cloud
OSI Model
100
Wireshark is an example of this
What is a protocol analyzer?
100
All access is predefined. A rigid security model that is also considered the most secure.
What is Mandatory Access Control (MAC)?
100
What VLAN stands for.
What is Virtual Local Area Network?
100
Provides you the computing infrastructure, physical or virtual machines and other resources like virtual-machine disk image library, block and file-based storage, firewalls, load balancers, IP addresses, virtual local area networks etc. Examples: Amazon EC2, Windows Azure, Rackspace, Google Compute Engine.
What is Infrastructure as a Service (IaaS)?
100
Uses HTTP and Telnet at this layer.
What is the Application Layer?
200
This actively monitors activity on a network. Will detect and block attacks.
What is a NIPS?
200
Protection feature built into many firewalls that allows the administrator to tweak the tolerance for unanswered login attacks. Reducing the tolerances makes DoS attacks less likely to succeed.
What is Flood Guard?
200
Using the subnet mask value to divide a network into smaller networks. This gives you more networks but a smaller number of hosts available on each.
What is subnetting?
200
Vendors allow apps to be created and run on their infrastructure. Typically used for programming languages. Examples: Amazon Web Services and Google Code.
What is Platform as a Service (PaaS)?
200
These are the 7 layers of the OSI model.
What are the Application, Presentation, Session, Transport, Network, Data Link, and Physical Layers?
300
Filters traffic between networks, both incoming and outgoing.
What is a Firewall?
300
Implied at the end of each ACL. If something has not been explicitly granted, then access is automatically denied.
What is implicit deny?
300
Allows an organization to use a single Internet IP address for all computer connections, though it can also use multiple public IPs. Hides your network from the world. Provides inside hosts with private IP addresses, which are non-routable.
What is Network Address Translation (NAT)?
300
Provisioned for exclusive use by a single organization comprising multiple consumers. May be owned, managed, and operated by the organization, a third party, or some combination.
What is Private cloud?
300
Uses TCP/UDP at this layer.
What is Layer 4 / Transport Layer?
400
Looks for variations in behavior, such as unusually high traffic, policy violations, and more. By looking for deviations in behavior, it is able to recognize potential threats and respond to them quickly.
What is a Behavior-based IDS?
400
Enables devices in your network to ignore requests from specified users or systems or to grant them access to certain network capabilities. Uses implicit and explicit deny.
What are Access Control Lists (ACLs)?
400
An area where you can place a public server for access by people you might not otherwise trust.
What is the Demilitarized Zone (DMZ)?
400
Provisioned for open use by the general public. May be owned, managed, and operated by a business, academic, or government organization, or some combination. Exists on the premises of the cloud provider.
What is Public cloud?
400
Uses IP at this layer.
What is Layer 3 / Network Layer?
500
Specifically designed to protect a web application, which is commonly hosted on a web server. Placed between a server hosting a web application and a client. Operates at the highest level of the OSI model.
What is a WAF (Web Application Firewall)?
500
Port authentication that requires end devices to authenticate with an authentication server before being granted access to the network.
What is 802.1x?
500
Set of standards defined by the network for clients attempting to access it. Normally requires clients be virus free and adhere to specified policies before allowing them access to the network.
What is Network Access Control (NAC)?
500
Applications are remotely run over the web. No local hardware is required and no software applications need to be installed on the machine accessing the site. Costs are normally computed on a subscription basis. Examples: Remedy and Gmail.
What is Software as a Service (SaaS)?
500
Uses frames at this layer.
What is Layer 2 or the Data Link Layer?