Information Security 3 Flashcards

1
Q

wall or partition that is designed to prevent fire from spreading from one part of a building to another.

A

firewall

2
Q

Firewall Types

A
  1. Network Layer Firewall
  2. Transport Layer Firewall
  3. Application Layer Firewall
  4. Context Aware Application Firewall
  5. Proxy Server
  6. Reverse Proxy Server
  7. Network Address Translation (NAT) Firewall
  8. Host-based Firewall
3
Q

filtering based on source and destination IP addresses

A

Network Layer Firewall

4
Q

filtering based on source and destination data ports, and filtering based on connection states

A

Transport Layer Firewall

5
Q

filtering based on application, program or service

A

Application Layer Firewall

6
Q

filtering based on the user, device, role, application type, and threat profile

A

Context Aware Application Firewall

7
Q

filtering of web content requests like URL, domain, media, etc.

A

Proxy Server

8
Q

placed in front of web servers, reverse proxy servers protect, hide, offload, and distribute access to web servers

A

Reverse Proxy Server

9
Q

hides or masquerades the private addresses of network hosts

A

Network Address Translation (NAT) Firewall

10
Q

filtering of ports and system service calls on a single computer operating system

A

Host-based Firewall

11
Q

designed to control, or filter, which communications are allowed in and which are allowed out of a device or network, as shown in the figu

A

firewall

12
Q

process of probing a computer, server or other network host for open ports. In networking, each application running on a device is assigned an identifier called a port number.

A

Port Scanning

13
Q

The host replied indicating a service is listening on the port.

A

Open or Accepted

14
Q

The host replied indicating that connections will be denied to the port.

A

Closed, Denied, or Not Listening

15
Q

There was no reply from the host.

A

Filtered, Dropped, or Blocked

16
Q

8 types of firewalls based on general structure and method

A
  1. packet-filtering firewall
  2. circuit-level gateway
  3. stateful inspection firewall
  4. application-level firewall
  5. next-gen firewall
  6. software firewall
  7. hardware firewall
  8. cloud firewall
17
Q
  • oldest firewall
  • designed to create checkpoints at individual routers or switches
A

packet-filtering firewall

18
Q
  • quickly and easily approve or deny traffic
  • verifying transmission control protocol handshake
A

circuit-level gateway

19
Q
  • combination of packet-filtering and circuit-level gateway
  • offer higher level of protection of your business
A

stateful inspection firewall

20
Q
  • firewalls operate at application layer to filter traffic
  • cloud-based most of the time and establish traffic connections and examine data packets coming
A

proxy firewall

21
Q

time it was created into what makes it this kind of firewall

A

next generation firewall

22
Q

firewalls installed on local devices

A

software firewall

23
Q

firewalls used on physical devices and act as traffic router

A

hardware firewall

24
Q
  • also called FaaS
  • often go hand in hand with proxy firewalls and they grow with business
A

cloud firewall

25
can be stand-alone devices, like a router or firewall, a card that can be installed into a network device, or a module with its own processor and cached memory
Security Appliances
26
have many firewall capabilities besides just routing functions, including traffic filtering, the ability to run an Intrusion Prevention System (IPS), encryption, and VPN capabilities for secure encrypted tunneling.
Routers
27
Cisco Next Generation Firewalls have all the capabilities of an ISR router, as well as advanced network management and analytics. Cisco Adaptive Security Appliance (ASA) with firewall capabilities are shown in Figure 2.
Firewalls
28
are dedicated to intrusion prevention.
IPS
29
server and client technologies. It is designed for secure encrypted tunneling.
Virtual Private Network (VPN)
30
comes in next generation Cisco routers, firewalls, IPS devices, Web and Email Security Appliances and can also be installed as software in host computers.
Malware/Antivirus
31
This category includes web and email security appliances, decryption devices, client access control servers, and security management systems.
Other Security Devices
32
which firewall is best for business needs
cloud and hardware firewalls
33
Detecting attacks in real time requires actively scanning for attacks using firewall and IDS/IPS network devices
Real Time Scanning from Edge to Endpoint
34
* DDoS is one of the biggest attack threats requiring real-time response and detection. * DDoS attacks are extremely difficult to defend against because the attacks originate from hundreds, or thousands of zombie hosts, and the attacks appear as legitimate traffic, as shown in the figure.
DDoS Attacks and Real Time Response
35
* security technique that regulates who or what can view or use resources in a computing environment * fundamental concept in security that minimizes risk to the business organization * perform identification, authentication and authorization of users and entities by evaluating login credentials
access control
36
two types of access control
1. physical access 2. logical access
37
type of access that controls limit access to campuses, buildings, rooms and physical IT assets
physical access
38
type of access control that limits connections to computer networks, system files and data
logical data
39
why is access control important?
1. minimizes security risk 2. ensures security technology and access control are in place to protect customer data 3. complex and can be challenging to manage 4. on-premises and cloud environments
40
models of access controls
1. mandatory access control 2. discretionary access control 3. role-based access control 4. rule-based access control 5. attribute-based access control
41
security model in which access rights are regulated by central authority based on multiple levels of security
mandatory access control
42
access control method in which owners or admins set policies defining who or what is authorized to access the resource
discretionary access control
43
This is a widely used access control mechanism that restricts access to computer resources based on individuals or groups with defined business functions
Role-based access control (RBAC)
44
This is a security model in which the system administrator defines the rules that govern access to resource objects
Rule-based access control.
45
This is a methodology that manages access rights by evaluating a set of rules, policies and relationships using the attributes of users, systems and environmental conditions
Attribute-based access control (ABAC)
46
Challenges of access control
* dynamically managing distributed IT environments; * password fatigue; * compliance visibility through consistent reporting; * centralizing user directories and avoiding application-specific silos; and * data governance and visibility through consistent reporting.
47
* use of a program to screen and/or exclude access to web pages or email deemed objectionable * also used to implement company policies related to information system usage.
Content Filtering
48
types of content filtering
1. web filter 2. email filter 3. internet filter 4. search engine filter 5. proxy content filtering 6. dns based content filtering
49
Top 10 Content Filtering Software Solutions
1. AT&T Global Security Gateway 2. Barracuda Web Security Gateway 3. Cisco Umbrella 4. Comodo Cybersecurity 5. DNSFilter 6. Flashstart 7. FortiGuard 8. Smoothwall SWG 9. WebRoot 10. WebTitan
50
Why is Content Filtering Important?
helps to mitigate these risks by making such content difficult to access in the workplace, and by demonstrating the company's intolerance for inappropriate, illegal, or objectionable content in general.
51
an encrypted connection over the Internet from a device to a network. The encrypted connection helps ensure that sensitive data is safely transmitted
Virtual Private Network
52
To be effective, content filtering has to be deployed across all content channels. The most common channels include
1. web 2. emails 3. executables
53
* provides a safe, secure way to connect users and devices remotely to a corporate network. It includes VPN technology that uses strong ways to authenticate the user or device
Secure remote access
54
Types of VPNs
1. remote access 2. site-to-site
55
VPN securely connects a device outside the corporate office
Remote access
56
connects the corporate office to branch offices over the Internet
Site-to-site
57
Setting up a VPN on Windows 10
1. Type “VPN” into the search box in your taskbar, then open your VPN Settings 2. Add a VPN connection 3. Here, you’ll enter all the information about your VPN 4. click the icon that corresponds to your internet connection
58
seven new emerging technology clusters to have significant impact on cybercrime
1. AI 2. Autonomous Drive and Systems 3. Computing and Data Storage Technologies 4. Telecommunication Infrastructure 5. Internet of Things (IoT) 6. Privacy-Enhancing Technologies 7. Blockchain and Distributed Ledger Technologies
59
could increase automation, speed, frequency and efficiency of attacks as well as potential for tailored attacks targeting specific groups
AI/ML
60
could be used to carry out disguised criminal acts, develop new operation methods for criminals or conduct large-scale automated attacks
autonomous device and systems
61
development and increasing use of computing and data storage technologies could be exploited by criminals to gain access and disseminate non-consensual recordings
computing data and storage tech
62
can be used to enhance anonymity, speed and capacity of criminal activities
telecommunication infrastructure
63
growing volumes of data gathered by IOT could become vulnerable to theft, corruption, extortion
IoT
64
could be exploited by malicious actors to pursue illicit activities anonymously and secretly, making it difficult to detect criminal activity
Privacy Enhancing Technologies (PETS)
65
transactions become digitalized and processed, these could be manipulated for malicious purposes such as preventing transactions from being processed
blockchain and distributed ledger technologies