Flashcards in Network+ Chapter 15 Deck (25):
Firewalls are usually a combination of ________ and ________?
hardware and software.
T or F Firewalls can be placed on top of an existing operating system or be self-contained.
Define network-based firewall?
It's what companies use to protect their private network from public networks.
This is a firewall that is on a single PC and will protect that single PC only?
T or F Host based Firewalls are normally software based?
What is the first line of Defense for any network that's connected to the internet?
access control lists (ACLs).
What is Packet Filtering?
Packet Filtering refers to the ability of a router or a firewall to discard packets that don't meet the right criteria.
Which type of filtering do firewalls use?
dynamic packet filtering
Why would you implement a IP Proxy?
to hide all of your internal IP addresses from hackers.
The first firewalls were developed and worked at which layer of the OSI Model and were also known as_________?
Network layer (Layer 3)
Define the term zone?
Its an individual area of the network that has been configured with a specific trust level.
T or F An intrusion detection system cannot detect attacks within encrypted traffic.
T or F An intrusion detection system is the best way to replace a firewall on your network?
What are two ways two ways IDSs can detect attacks or intrusions.
What is a smart system?
it learns on the go by keeping track of and building a history of network activity for norms to which you can compare unusual activity.
What are 3 examples of passive responses?
What are 3 examples of Active responses
Change network config
deceive the attacker
___________is a propriety vulnerability scanning program that requires a license to use commercially yet is the single most popular scanning program in use.
what are 3 things that Network Mapper also known as NMAP can do?
Perform port scanning
Identify versions of network services in operation on the network
Identify operating systems
What is a VPN concentrator?
Its a device that creates remote access for virtual private networks VPNs either for users logging in remotely or for a large site-to-site VPN.
___________is a physical security access control system comprising a small space with two sets of interlocking doors, such that the first set of doors must close before the second set opens
What are the 3 categories that disasters are classified as?
Technological disasters (device failures)
Manmade disasters (arson, terrorism, sabotage)
Natural disasters (hurricanes, floods, earthquakes)
__________is designed to simulate an attack on a system, network, or application.
What are three examples of penetration testing?