Chapter 3.2 Flashcards
(39 cards)
Split Tunnel
Split tunneling is a means of encrypting connections on demand for VPNs. It will only encrypt outbound traffic destined for private IP addresses.
In a split tunnel VPN, administrators decide where traffic is routed. A split tunnel can determine whether or not traffic is destined for the private network.
Always On
Always-on VPNs maintain a continuous connection between the employee and the geographically separated servers.
UTM
Unified threat management (UTM) combines multiple security controls to provide a more robust security strategy and minimize the management of these devices.
Site-to-site
A site-to-site Virtual Private Network (VPN) connects multiple networks rather than one. Remote users can access both locations as if they were onsite, without noticing the separation between locations.
SSL accelerator
A Secure Sockets Layer (SSL) accelerator is designed to offload tasks from servers, allowing the network load to be distributed. It can provide a seamless service to consumers of network applications while balancing out session requests.
SSL decryptor
An SSL decryptor provides protection from malicious threats over secure connections and would be placed in the DMZ.
DMZ
The Demilitarized Zone (DMZ) sits between two firewalls, providing a layer of protection for the internet-facing servers. It is an area of a network that is designed for both public and company use. The DMZ is a buffer network between the public, untrusted Internet and the private, trusted LAN.
ad hoc
An ad hoc zone is created when two or more wireless devices connect directly to one another, creating an on-demand network.
Guest
A guest network is a wireless network used to provide non-employees or guests with internet access. This access is limited to certain functions, such as internet surfing and email.
Normalization
Normalization is used to optimize database performance by removing duplicates, using primary keys, and keeping related data in separate tables. A database is considered normalized when it conforms to the first three normal forms.
firewall
A firewall filters traffic. It can be used for a single host or between networks. It regulates both inbound and outbound traffic, providing a layer of security in both directions. Firewalls can be configured with Access Control Lists (ACLs).
Firewalls allow the network administrator to divide the network into different network segments known as zones.
load balancing
Load balancers can equalize the traffic load between servers, eliminating unscheduled downtime. Load balancing uses multiple servers to support a single service. Load balancing can ensure system availability.
RAID
A Redundant Array of Inexpensive Disks (RAID) provides increased system availability and fault tolerance for disks.
Clustering
Clustering provides high availability for servers and can remove a single point of failure. Clustering is similar to load balancing, but is more costly than RAID implementations.
single point of failure
A single point of failure is a critical component of a system whose failure can bring down the whole system.
sensors
Sensors gather information to determine whether the data being passed is malicious or not. The internet-facing sensor will see all traffic and determine its intent. The sensor behind the firewall will only see filtered traffic. The sensors send their findings to the NIDS console.
Correlation engine
A correlation engine is part of a Security Information and Event Management (SIEM) system. It captures and examines logged events to alert administrators to potential threats on a network.
proxy
A proxy is a device that acts on behalf of another service. A proxy examines the data and makes rule-based decisions about whether the request should be forwarded or refused.
bridge
A bridge is used to connect multiple networks.
aggregation switch
An aggregation switch can connect multiple subnets to reduce the number of active ports. When aggregating subnets, the subnets are connected to the switch rather than to the router.
wireless
The wireless topology is used to extend a wired local area network through the use of an antenna.
static code analyzers
A static code analyzer examines code quality and effectiveness without executing the code. An analyzer can be used during development, for continuous code quality checks, or once the code is in its final stages.
airgap
An air gap is an isolated system that is not physically connected to other systems.
static NAT
NAT is a protocol that alters public IP addresses to private IP addresses in order to camouflage resources from the internet. Static NAT uses a one-to-one mapping for disguising IP addresses.