Term
What is trust in computer/network security? |
|
Definition
Confidence that others will act in accordance with the rules, or that a resource is authentic |
|
|
Term
Why understand TCP/IP and OSI as a security professional? |
|
Definition
To fully understand the mechanisms of filtering employed by firewalls |
|
|
Term
List the seven domains of a typical IT infrastructure |
|
Definition
User domain, Workstation domain, LAN domain, LAN-WAN domain, Remote Access domain, WAN domain, System/App domain |
|
|
Term
|
Definition
All actual users (employees, 3rd parties, etc.) |
|
|
Term
|
Definition
Desktop computer, laptop, VoIP, other endpoint device |
|
|
Term
|
Definition
local area network (typically 10/100/1K ethernet), 802.1x wireless, etc. |
|
|
Term
|
Definition
Inter-connectivity between the LAN and WAN. Routers, firewalls, DMZ, IDS/IPS |
|
|
Term
|
Definition
Authorized and authenticated remote access to IT infrastructure, systems & data |
|
|
Term
|
Definition
Typically outsourced to service providers (ISPs) for end-to-end connectivity, bandwidth |
|
|
Term
Systems & Applications Domain |
|
Definition
Hardware, OS software, client/server apps, data housed in data center or on servers |
|
|
Term
|
Definition
A layered approach to security. Multiple layers/levels, and/or multiple components. Can also include a mix of multiple vendors |
|
|
Term
|
Definition
Well-monitored system that appears to be valuable, but serves as a trap. Distracts hackers from the real target. Helps analyze the attack |
|
|
Term
Six steps to incident response |
|
Definition
Preparation, Detection, Containment, Eradication, Recovery, Follow-up |
|
|
Term
|
Definition
Consists of both trusted and secure segments |
|
|
Term
|
Definition
Wholly owned and operated |
|
|
Term
|
Definition
Encryption over public connection |
|
|
Term
What is the primary difference between a VPN and a local network connection? |
|
Definition
|
|
Term
Name the benefits of deploying a VPN |
|
Definition
Cost, High productivity, Secure remote access |
|
|
Term
|
Definition
Process of confirming the identity of the user |
|
|
Term
|
Definition
Controlling what users can and cannot do |
|
|
Term
What components create a digital signature that verifies authenticity and integrity? |
|
Definition
|
|
Term
What are the two most important characteristics of VPN authentication? |
|
Definition
|
|
Term
What form of attack can potentially evade IPS? |
|
Definition
|
|
Term
Most exploits are based on the existence of...? |
|
Definition
|
|
Term
Which exploit takes advantage of variable MTUs? |
|
Definition
|
|
Term
|
Definition
Automatically tracking sessions (or states). This allows inbound responses to previous outbound requests (AKA dynamic packet filtering) |
|
|
Term
Common firewall security strategies |
|
Definition
Security through obscurity, Least privilege, Simplicity, Defense in Depth, Diversity of Defense, Chokepoint, Weakest Link, Fail-safe, Forced Universal Participation |
|
|
Term
|
Definition
Hides the identity of a web server accessed from the internet |
|
|
Term
Reverse Proxy use, possible reasons |
|
Definition
Load balancing/distribution, Reverse caching, Security (obfuscates internal identities), Encryption |
|
|
Term
What are firewall rules sometimes called? |
|
Definition
Access Control Lists (ACLs) |
|
|
Term
Order of the firewall rule: |
|
Definition
Protocol, Source address, Source port, Destination address, Destination port, Action |
|
|
Term
3 reasons firewall data should be logged |
|
Definition
Validate proper configuration; Tracking/trend analysis; Reactive tracking - tracing to attacks |
|
|
Term
Unified Threat Management |
|
Definition
Firewall as primary, all-encompassing gateway solution. A single device for: firewall filtering, IPS, Antivirus, Anti-spam, VPN end-point hosting, content filtering, load balancing, logging |
|
|