Week 5 Flashcards
(19 cards)
What is a Firewall?
A firewall is like a security guard for your computer or network. It controls what data can come in and go out, based on a set of rules. Can also act as VPN gateways.
Definition of DMZ (Demilitarized Zone):
A DMZ in networking is a small, isolated part of a network that adds an extra layer of security between the public internet and your private internal network.
Purpose of DMZ?
Provides an additional layer of security by isolating external-facing services from the internal network.
Components of DMZ?
1.External Firewall: Protects the network from unauthorized access from the internet.
2.Internal Firewall: Safeguards internal resources from potential threats originating in the DMZ.
3.Web Servers and Services: Hosts public-facing applications, websites, or services.
Security Measures of DMZ?
-Access Control Lists (ACLs)
-Intrusion Prevention System (IPS)
-Logging and Monitoring
Advantages of DMZ:
-Enhanced Security: Segregation of services minimizes the risk of unauthorized access to sensitive data.
-Scalability: Easily accommodates the addition of new external services without compromising internal security
Types of Firewalls:
Based on Method of Delivery:
-Software firewalls
-Hardware firewalls
Based on Method of Operation:
-Packet filtering
-Circuit level
-Application level/Proxy level
-Stateful inspection
-Next Generation Firewalls (NGFW)
What Is Network Security?
Network security means protecting a computer network from unauthorized access, attacks, or damage.
A specialized field in cybersecurity.
Common Network Security Threats?
Phishing
Cyberattack
Misconfiguration exploits
Denial-of-Service (DoS)
Malware
Ransomware
Rogue Security Software
Types of Network Security Solutions and Technologies?
-Firewalls
-Network Access Control (NAC)
-Remote Access VPN
-Network Segmentation
-Intrusion Prevention/Detection System (IPS/IDS)
-Zero Trust Network Access (ZTNA)
-Secure Access Service Edge (SASE)
Network Security Protocols:
-ensure the integrity and security of data transmitted across network connections.
-depends on the type of protected data and network connection.
-Safeguard against unauthorized or malicious efforts to access or remove information.
List of Some of the Network Security Protocols:
*Internet Protocol Security (IPsec) Protocols
*SSL (Secure Sockets Layer)
*TLS (Transport Layer Security)
*Datagram Transport Layer Security (DTLS)
*Kerberos (is a security system that helps computers and users prove who they are on a network)
*Simple Network Management Protocol (SNMP)
*HTTP and HTTPS
IPsec (Internet Protocol Security)
A set of protocols used to secure internet traffic by encrypting and authenticating data between devices over a network.
SSL (Secure Sockets Layer)
A security protocol that encrypts the connection between a browser and a website to keep data safe, though now mostly replaced by TLS.
TLS (Transport Layer Security)
An improved version of SSL, used to secure communications between devices like web browsers and servers.
DTLS (Datagram Transport Layer Security)
A version of TLS designed to secure communications over unreliable networks, such as UDP
SNMP (Simple Network Management Protocol)
A protocol used to manage and monitor network devices like routers and switches.
HTTP and HTTPS:
HTTP (Hypertext Transfer Protocol) is used to transfer data between a web server and a browser, but it’s not secure.
HTTPS (Hypertext Transfer Protocol Secure) is the secure version of HTTP, where data is encrypted to prevent eavesdropping and tampering.
SSL Vulnerability:
- POODLE (Padding Oracle on Downgraded Legacy Encryption)
*Heartbleed an OpenSSL cryptographic software library
*BEAST (Browser Exploit Against SSL/TLS
*CRIME (Compression Ratio Info-leak Made Easy)
*RC4 Vulnerabilities
