{ "@context": "https://schema.org", "@type": "Organization", "name": "Brainscape", "url": "https://www.brainscape.com/", "logo": "https://www.brainscape.com/pks/images/cms/public-views/shared/Brainscape-logo-c4e172b280b4616f7fda.svg", "sameAs": [ "https://www.facebook.com/Brainscape", "https://x.com/brainscape", "https://www.linkedin.com/company/brainscape", "https://www.instagram.com/brainscape/", "https://www.tiktok.com/@brainscapeu", "https://www.pinterest.com/brainscape/", "https://www.youtube.com/@BrainscapeNY" ], "contactPoint": { "@type": "ContactPoint", "telephone": "(929) 334-4005", "contactType": "customer service", "availableLanguage": ["English"] }, "founder": { "@type": "Person", "name": "Andrew Cohen" }, "description": "Brainscape’s spaced repetition system is proven to DOUBLE learning results! Find, make, and study flashcards online or in our mobile app. Serious learners only.", "address": { "@type": "PostalAddress", "streetAddress": "159 W 25th St, Ste 517", "addressLocality": "New York", "addressRegion": "NY", "postalCode": "10001", "addressCountry": "USA" } }

Network Security Foundations and Secure Management Flashcards

(76 cards)

1
Q

A hardware component within a device that provides network access capabilities

A

Network Interface Card (NIC)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Layer 2 communication device (within a LAN)

A

Switch

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Layer 3 communication device that interconnects two or more LANs

A

Router

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Hardware or software that filters traffic

A

Firewall

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

A node on a computer that serves as a source or a destination point

A

End Device

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

A device that provides a wireless network connection (WLAN)

A

Access Point

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

______, _____, ______ & _______are intermediary devices that connect end devices to the network and control data flow

A

Switches, routers, firewalls, and access points

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

guides traffic to its destination network by Layer 3 devices

A

Routing Process

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

These devices use __________ to determine the best path and forward packets to the next hop on the way to their destination

A

routing tables

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

boosts IP addressing efficiency by splitting networks, distributing traffic, and enhancing security policy distributions.

A

Subnetting

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

VLANs in administrative networks key roles:

A
  • Divide large networks
  • Isolate traffic securely
  • Decrease the network resources wasted
    when broadcasting is used
  • Ensure controlled communication outside
    the VLAN
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

ACLs are essential for _____ and _____ traffic management

A

Secure
Efficient

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

filter traffic based on criteria like addresses, protocols, and ports. They are manually configured to allow or block traffic using permit or deny statements

A

Access-control lists (ACLs)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

statements within the ACLs that are inspected upon packet arrival. When the conditions within the ACE are met, the traffic is either allowed or blocked based on the rules configured in the ACE

A

Access control entries (ACEs)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

______ manage network resources, respond to client requests, and host various services. They are dedicated to their intended function.

A

Servers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Server Types:

A
  • Web
  • Database
  • Mail
  • Communication
  • Application
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Host web pages

A

Web

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Stores user or computer-related data

A

Database

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Enables email communication among clients

A

Mail

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Facilitates communication among devices and networks

A

Communication

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Enables users to run applications on the web without installing them

A

Application

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

________ in a network ensures reliability by creating backup pathways or components

A

Redundancy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Redundancy can be achieved ______ (duplicate hardware) or ______ (backup routes)

A

Physically
Logically

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

allow multiple routers in a subnet mask to share a virtual IP address which can be assigned as a default gateway for end devices. This ensures connectivity if a gateway router fails

A

Redundancy Protocols

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
a group of multiple servers functioning as a single system, thereby ensuring uninterrupted service through automatic failover
Failover Cluster
26
If one server encounters an issue, another takes over swiftly, maintaining service availability (failover cluster). This setup is also called a _____
high-availability cluster
27
Failover clusters offer high availability for applications and services. ______ are interconnected and share storage. ______ request services via a load balancer, which redirects requests to another server if one fails
Servers Clients
28
evenly distributes network traffic among servers in a cluster, preventing overload
Load balancing
29
Load balancers come in two type:
- Physical (hardware) - Virtual (software)
30
_______________is the process of planning and implementing measures to protect computer networks from unauthorized access, breaches, and cyberthreats
Network Security Design
31
What is the objective of Network Security Design?
to effectively mitigate security risks
32
- safeguards the internal network by isolating it from external traffic - where external users first access the network
demilitarized zone (DMZ)
33
______ are in the LAN, _____ in the DMZ, and ______ in a WAN
Databases web servers Clients
34
Devices providing sensitive services should not be placed in the DMZ due to _____ ______, while public web servers are often placed there
internet exposure
35
the hardware and software that are used to protect computer networks from unauthorized access, breaches, and cyberthreats
Network security systems
36
acts as a mediator between clients and servers, hiding the origin of server requests. It’s used for anonymity, DDoS protection, and load balancing by companies
proxy server
37
2 types of proxy servers:
- forward proxy - reverse proxy
38
Connects private network computers to the public internet, serving as the exit point for accessing external resources
Forward Proxy
39
Acts as a single entry point for external systems to access private subnet resources
Reverse Proxy
40
- utilize SMTP to store and forward messages, ensuring the delivery of emails from the sender to the receiver - They act as middlemen, verify the sender’s identity, and encrypt messages between the source and destination - can also be used for anti-spam, allow and deny lists
Mail Relay Servers
41
- act as a security layer that controls traffic on one or more subnets - It enforces rules that determine traffic allowances or restrictions, taking into account ports, protocols, and source and destination IP address
Access-control Lists (ACLs)
42
- a network security system that monitors and controls incoming and outgoing traffic - are typically deployed at Layer 3 (Network Layer) to control network communication, securing connections between internal and external networks
Firewall
43
_______ & ______ work with predefined rules based on traffic analysis to detect network attacks
Intrusion prevention systems (IPS) and intrusion detection systems (IDS)
44
Monitor and analyze network traffic for malicious activity. They can block or drop packets to prevent or mitigate attacks
IPS
45
Monitor and analyze network traffic for malicious activity
IDS
46
- filters and blocks unwanted HTTP/HTTPS traffic based on predefined rules to and from a web server - can be a stand-alone device or server plug-in, usually positioned between the firewall and web server
web application firewall (WAF)
47
a vital framework in network security that allows admins to manage access, control users, and track audits
Authentication, Authorization, and Accounting (AAA)
48
AAA security has three functional components:
Authentication, Authorization, and Accounting
49
The process of verifying a user’s identity
Authentication
50
The process of determining what resources a user can access
Authorization
51
This is the process of tracking user activity
Accounting
52
Users can use usernames, passwords, token cards, security questions, and biometrics to gain access. This process is known as ____
authentication
53
stores user credentials on devices like PCs, switches, routers, and firewalls
Local authentication
54
a database found on Windows-based computers that verifies credentials when a user logs into a computer
Security Account Manager (SAM)
55
A ______ ______ checks the username and password to gain access to the computer
local database
56
- involves storing user credentials on a remote server for authentication - Devices ask the server to authenticate users based on the user data stored on the server - This method allows centralization of stored usernames and passwords
Remote authentication
57
________ & _______ are prominent protocols in AAA
RADIUS and TACACS+
58
To ensure secure access management, RADIUS and TACACS+ provide seamless communication between ______ & _______
clients and servers
59
a network protocol that offers centralized AAA services for network access, often used in remote access like wireless networks (WI-FI) and VPN, as well as in local networks
Remote Authentication Dial-In User Service (RADIUS)
60
RADIUS uses ___ for its operation
UDP
61
Common RADIUS features include:
- Operates on multiple platforms - Can be standalone or on an existing system - Integrates with Active Directory - Suitable for wired and wireless networks - Allows Cisco routers to authenticate via Microsoft servers - Originally developed to authenticate via Layer 2 - Only encrypts the password in the packet - UDP ports 1812/1813 ro 1645/1646
62
- It’s worthwhile to note that RADIUS has alternatives, such as ______. - This alternative has gained popularity for its enhanced capabilities and scalability in modern network environments - _____ offers improvements over RADIUS, rendering it a consideration for organizations seeking more advanced AAA solutions
Diameter
63
- a network protocol developed by Cisco that provides centralized AAA services for network access - It is designed for a wide range of applications, including network access, device management, and application access - can be employed in diverse network setups, from small-scale to enterprise environments
Terminal Access Controller Access-Control System Plus (TACACS+)
64
TACACS+ uses ___ of its operation
TCP
65
Common TACACS+ features include:
- Supported by Cisco and other vendors - AAA is implemented as separate functions - Encrypts the entire packet - TCP port 49
66
- a security protocol defined by the Institute of Electrical and Electronics Engineers (IEEE) - This security protocol authenticates users and devices seeking network access, applicable in wired or wireless LANs, campuses, and enterprises
802.1X
67
802.1X features include:
- Access Control - Network Security - Intelligent and Flexible
68
Secure, identity-based access control
Access Control
69
Ensures security with minimal disruption
Network Security
70
Secure operation
Intelligent and Flexible
71
802.1X has three components:
- Supplicant - Authenticator - Authentication Server
72
The device that wants to connect to the network
Supplicant
73
The device that controls network access
Authenticator
74
The device that verifies the supplicant’s identity
Authentication Server
75
- an authentication framework that transports request and response parameters - is extensible and new methods can be added as needed
Extensible Authentication Protocol (EAP)
76
Some common EAP methods include:
- EAP-MD5 - EAP-TLS - EAP-PEAP