Shared Flashcard Set

Details

CCNA Security 640-554 Terms
CCNA security 640-554 Ch 1 - 11 Official Cert Guide
45
Computer Networking
Professional
05/09/2014

Cards

Term
Asset
Definition
Something we're going to protect
Term
Vulnerability
Definition
a spot of weakness in the network
Term
Threat
Definition
Something out to get the network
Term
Risk
Definition
potential vulnerability
Term
Example of a risk
Definition
an uneducated user
Term
Secure X
Definition
Cisco security framework that keeps security policies up to date and enforced
Term
Context aware security
Definition
Users & roles are employed to describe / defend threats
Term
Example of context aware security
Definition
I can only access the ASA when on the local LAN
Term
ASA
Definition
Application security appliance
Term
IPS
Definition
Intrusion prevention system
Term
What exists on the management plane
Definition
Hardware and traffic needed to administer the devices on the network
Term
Example of management traffic
Definition
SSH / HTTPS / SNMP / NetFlow
Term
Define Control plane
Definition
Logic systems that make route / switch decisions
Term
Example of control plane traffic
Definition
Secured routing protocols (i.e. encrypted OSPF updates)
Term
Define the data plane
Definition
Our ability to forward general data
Term
Example of data plane
Definition
End user accessing FTP or SharePoint server
Term
Define NFP
Definition
Network foundation plane
Term
Describe the NFP
Definition
The concept of securing the Management / Control / Data planes
Term
Define uRPF (ch 5)
Definition
Unicast reverse path forwarding
Term
Describe uRPF
Definition
Checks entry point of packet against route table. Ensures ingress request matches egress request
Term
What does uRPF prevent
Definition
Spoofed IP source addresses traversing the network
Term
AAA encompasses what
Definition
Authentication, authorization, accounting
Term
What is a AAA method list
Definition
What database each individual A will use
Term
What's an example of a AAA method list
Definition
Local / RADIUS / TACACS+
Term
What are the default privilege levels
Definition
0 & 15 are defaults, 1-14 are for customization
Term
What is a parser view
Definition
Assigning custom / restricted commands to a privilege level
Term
Syslogs do what
Definition
Send data about router / switch health to syslog server
Term
Are syslogs encrypted
Definition
No
Term
What is a secure bootset
Definition
Prevents erasing / tampering of IOS files via secure FTP
Term
What is inter-VLAN routing
Definition
Moving data between VLANs
Term
2 examples of inter-VLAN routing
Definition
Router on a stick (RoS) / virtual RoS
Term
Define STP
Definition
Spanning tree protocol
Term
Define BPDU
Definition
Bridge port data unit
Term
What is STP used for
Definition
Preventing storms / packet loops
Term
Root guard does what
Definition
Ensure only 1 path is used in moving data around
Term
How is the root port selected
Definition
Lowest number between two trunk switch ports
Term
How do root guard enabled trunks communicate
Definition
BPDU
Term
What is an extended ACL #
Definition
100-199, 2000-2699
Term
Define ACE (in the context of ACLs)
Definition
ACE - Access control entity
Term
What is an ACE
Definition
Collection of ACL lines and code
Term
IPv6 router header
Definition
RH0
Term
What is a SYN-flood attack
Definition
A massive amount of SYN requests w/o the ACK response sent from attacking server
Term
SYN-flood attack involves what protocol?
Definition
TCP
Term
What are the standard ACL #s in IOS
Definition
1-99 & 1300-1999
Term
(CCP-GUI) how do I access the ACL editor?
Definition
Config -> router -> acl -> acl editor