GCGA Ch. 3 Implementing Network Designs (ST)

Question 1

Screened subnet

Answer 1

provides layer of protection for servers accessible from Internet

Question 2

Intranet vs extranet

Answer 2

intranet -> internal network. extranet -> part of a network that can be accessed by authorized entities outside network

Question 3

NAT

Answer 3

network address translation - translates public IP addresses to private IP addresses; private back to public; hides IP addresses on internal network from users on internet; NAT gateway is device that implements NAT

Question 4

Air gap

Answer 4

provides physical isolation for systems/networks; completely isolated with a gap of air

Question 5

Forward proxy server

Answer 5

forwards requests for services from a client; can cache content and record users’ internet activities

Question 6

Reverse proxy server

Answer 6

accept traffic from internet and forward it to one or more internal web servers; placed in screened subnet and web servers can be in internal network

Question 7

UTM security appliance

Answer 7

unified threat management - includes mult. layers of protection, such as URL filters, content inspection, firewalls, malware protection, DDoS mitigator; UTMs raise alerts sends them to to admins to implement

Question 8

Jump server

Answer 8

placed between diff. security zones, provide secure access from devices in one zone to devices in another zone; often used to manage devices in screened subnet from internal network