5 - Devices and Stuff Flashcards Preview

CASP+ > 5 - Devices and Stuff > Flashcards

Flashcards in 5 - Devices and Stuff Deck (16)
Loading flashcards...
1
Q

What is an INE?

A

an inline network encryptor

2
Q

What is NAC?

A

Network access control, which improves network security by employing policies that mandate devices meet certain security minimums before being granted network access

3
Q

What is NAC?

A

Network access control, which improves network security by employing policies that mandate devices meet certain security minimums before being granted network access

4
Q

What are SIEM utilities?

A

Security information and event management (SIEM) utilities analyze and correlate logs and events from multiple sources as well as provided real-time alerting features.

5
Q

What are SIEM utilities?

A

Security information and event management (SIEM) utilities analyze and correlate logs and events from multiple sources as well as provided real-time alerting features.

6
Q

What is a VLAN?

A

a virtual LAN (VLAN) helps secure networks by isolating hosts into separate logical groups - devices not explicitly permitted access to the VLAN are implicitly blocked

7
Q

What is a VLAN?

A

a virtual LAN (VLAN) is a switch security feature that helps secure networks by isolating hosts into separate logical groups - devices not explicitly permitted access to the VLAN are implicitly blocked

8
Q

Packet-filtering firewall

A

considered a basic firewall since it only evaluates the source/destination IP addresses and port numbers (OSI layer 3 and a smidge of layer 4) of traffic, Due to minimal inspection overhead, this firewall is the fastest of the bunch

9
Q

stateful firewall

A

improvement over packet-filtering firewalls, stateful firewalls consider the “state” or history of a connection (OSI layer 4) as opposed to focusing only on individual packets. The downside to stateful firewalls is that their overhead results in reduced network performance

10
Q

application level firewall

A

an improvement over stateful firewalls, these firewalls con understand the application and protocol data contained in the data portions of the traffic (OSI layers 5, 6, & 7). This additional inspection further reduces network performance

11
Q

Next-generation firewall

A

(NGFW)s are designed to replace the “traditional firewalls”. NGFWs include application-level firewall capabilities, but may also add intrusion prevention, user/group-level access, plus the incorporation of intelligence from outside sources like the internet

12
Q

Next-generation firewall

A

(NGFW)s are designed to replace the “traditional firewalls”. NGFWs include application-level firewall capabilities, but may also add intrusion prevention, user/group-level access, plus the incorporation of intelligence from outside sources like the internet. Downside is these devices are more complex to manage plus their increased feature set can create more single points of failure

13
Q

Next-generation firewall

A

(NGFW)s are designed to replace the “traditional firewalls”. NGFWs include application-level firewall capabilities, but may also add intrusion prevention, user/group-level access, plus the incorporation of intelligence from outside sources like the internet. Downside is these devices are more complex to manage plus their increased feature set can create more single points of failure

14
Q

router

A

connects networks to networks in order to forward traffic based on network addresses. Unlike traditional switches, routers utilize the IP protocol (layer 3), which supports inter-networking and patch determination

15
Q

Hardware security modules

A

HSMs priced key generation and safeguarding services, speed up specific cryptographic operation on platforms requiring strong authentication, and provide access control capabilities

16
Q

Hardware security modules

A

HSMs priced key generation and safeguarding services, speed up specific cryptographic operation on platforms requiring strong authentication, and provide access control capabilities. HSMs can also prevent unauthorized applications from execution on the local host system or network.