Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
24 Cards in this Set
- Front
- Back
|
all-in-one network security appliance
|
Network hardware that provides multiple security functions
|
|
|
anomaly-based monitoring
|
A monitoring technique used by an IDS that creates a baseline of normal activities and compares actions against the baseline. Whenever a significant deviation from this baseline occurs, an alarm is raised.
|
|
|
behavior-based monitoring:
|
A monitoring technique used by an IDS that uses the normal processes and actions as the standard and compares actions against it.
|
|
|
demilitarized zone (DMZ):
|
A separate network that rest outside the secure network perimeter; untrusted outside users can access the DMZ but cannot enter the secure network;
|
|
|
heuristic monitoring:
|
A monitoring technique used by an IDS that uses an algorithm to determine if a threat exist.
|
|
|
host intrusion setection system(HIDS)
|
A software-based application that runs on a local host computer that can detect an attack as it occurs.
|
|
|
intrusion detection system(IDS):
|
A device designed to be active security; it can detect an attack as it occurs.
|
|
|
Load balancer:
|
A device that can direct request to different servers based on a variety of factors, such as the number of server connections, the server's processor utilization, and overall performance of the server.
|
|
|
Network access control (NAC):
|
A technique that examines the current state of a system or network device before it is allowed to connect to the network.
|
|
|
Network address translation (NAT):
|
A technique that allows private IP addresses to be used on the public Internet.
|
|
|
Network Intrusion detection system (NIDS)
|
A technology that watches for attacks on the network and reports back to a central device.
|
|
|
network intrusion prevention system (NIPS)
|
A technology that monitors network traffic to immediately react to block a malicious attack.
|
|
|
proxy server:
|
A computer or an application program that intercepts a user request from the internal secure network and then processes that request on behalf of the user.
|
|
|
remote access:
|
Any combination of hardware and software that enables remote users to access a local internal network.
|
|
|
reverse proxy:
|
A computer or an application program that routes incoming request to the correct server.
|
|
|
router:
|
A device that can forward packets across computer networks.
|
|
|
signature-based monitoring:
|
A monitoring technique used by an IDS that examines network traffic to look for well-known patterns and compares the activities against a predefined signature.
|
|
|
subnetting (subnet addressing):
|
A technique that uses IP addresses to divide a network into network, subnet, and host.
|
|
|
switch:
|
A device that connects network segments and forwards only frames intended for that specific device or frames sent to all devices.
|
|
|
virtual LAN (VLAN):
|
A technology that allows scattered users to be logically grouped together even though they may be attached to different switches.
|
|
|
virtual private network(VPN):
|
A technology to use an unsecured public network, such as the internet, like a secure private network.
|
|
|
VPN concentrator:
|
A device that aggregates hundreds or thousands of VPN connections.
|
|
|
web application firewall:
|
A special type of firewall that looks more deeply into packets that carry HTTP traffic.
|
|
|
web security gateway:
|
A device that can block malicious content in "real time" as it appears (without first knowing the URL of a dangerous site)
|
