Chapter 3 - Understanding Devices and infrastructure Flashcards Preview

CompTIA Security+ > Chapter 3 - Understanding Devices and infrastructure > Flashcards

Flashcards in Chapter 3 - Understanding Devices and infrastructure Deck (25):
1

Rene

What does the TCP 3-way handshake consist of?

page 86
SYN > SYN/ACK > ACK

2

What are APIs?

page 86
Application Programming Interfaces
They allow programmers to create interfaces to the protocol suite.

3

What ports does iSCSI use?

page 87
Internet Small Computer Systems Interface
It uses ports 860 and 3260 by default to allow data storage and transfers across the existing network.

4

When designing a security topology, what are the 7 common elements to consider?

page 87
* DMZs
* Subnetting
* VLANs
* Remote Access
* NAT
* Telephony
* NACs

5

What are the two reasons subnetting is implemented?

page 89
* To use IP addresses more effectively.
* To make the network more secure and manageable.

6

What tunneling protocol supports encapsulation in a single point-to-point environment?

page 90
Point-to-Point Tunneling Protocol (PPTP)
Uses port 1723

7

Which tunneling protocol is a hybrid of PPTP and L2F?

page 91
Layer 2 Tunneling Protocol (L2TP)
It is primarily a point-to-point protocol, supports multiple network protocols, and can be used in networks besides TCP/IP.

8

What is IPSec?

page 91
IPSec is not a tunneling protocol, but it is used in conjunction with tunneling protocols. It provides secure authentication and encryption of data and headers, which makes it a good choice for security.

9

What acts as a proxy between the local area network, and creates a unique opportunity to assist in the security of a network?

page 93
Network Address Translation (NAT)

10

What are the private address ranges?

page 93
10.0.0.0 to 10.255.255.255
172.16.0.0 to 172.31.255.255
192.168.0.0 to 192.168.255.255

11

What do packet filter firewalls do?

page 97
They pass or block traffic to specific addresses based on the type of application.
They don't analyze the data of a packet; they decide whether to pass it based on the packet's addressing information.

12

How many NICs does a proxy firewall typically use?

page 99
Two, referred to as a dual-homed firewall

13

Anytime you have a system that is configured with more than one IP address, it can be said to be ____?

page 99
Multi-homed

14

What type of proxy function reads the individual commands of the protocols that are being served?

page 99
Application-Level

15

What type of proxy function creates a circuit between the client and the server and doesn't deal with the contents of the packets that are being processed?

page 99
Circuit-Level

16

What splits the traffic intended for a website into individual requests that are then rotated to redundant servers as they become available and shift a load from one device to another?

page 103
Load Balancer

17

What are IDS and how can they be utilized?

page 105
Software that runs either on individual workstations or on network devices to monitor and track network activity.

It can be configured to act as a burglar alarm.

18

What are several key terms associated with IDS?

page 107
* Activity
* Administrator
* Alert
* Analyzer
* Data Source
* Event
* Manager
* Notification
* Operator
* Sensor

19

What are the four primary approaches of IDS?

page 109
Behavior-Based-Detection IDS
Signature-Based-Detection IDS
Anomaly-Based-Detection IDS
Heuristic IDS

20

What attaches the system to a point in the network where it can monitor and report on all traffic, and can be in front of or behind the firewall?

page 111
Network-Based IDS (NIDS)

21

What is the most common type of response to many intrusions and in general the easiest to develop and implement?

page 113
Passive Response

22

What are three types of passive response strategies?

page 113
Logging
Notification
Shunning

23

What are three types of active response strategies?

page 113
Terminating Processes or Sessions
Network Configuration Changes
Deception

24

What are HIDS?

page 116
Host-based IDS
They are designed to run as software on a host computer system.

25

What two major problems with HIDS aren't easily overcome?

page 117
* The first problem involves a compromise of the system.
* The second problem is that it must be deployed on each system that needs it.