Shared Flashcard Set

Details

Network+ (N10-005) Lesson 12
Network Security
26
Computer Networking
Professional
07/22/2013

Cards

Term

Network Address Translation (NAT)

Definition
____ is a form of Internet security that conceals internal addressing schemes from external networks such as the Internet.
Term

Port Address Translation (PAT)

Definition
____ is a subset of dynamic NAT functionality that maps either one or more unregistered addresses to a single registered address using multiple ports. It is also known as overloading.
Term

IP filtering

Definition
____ determines which packets will be allowed to pass and which packets will be dropped by screening the packet based on certain criteria. An administrator can set criteria to determine which packets to filter, such as the protocol type, source IP address, and destination IP address.
Term

firewall

Definition
A ____ is a software program, a hardware device, or a combination of both that protects a system or network from unauthorized data by blocking unsolicited traffic. It permits traffic that has been specifically permitted by a system administrator, based on a defined set of rules.
Term

Packet filters

Definition
____ are the simplest implementation of a firewall and work at the Network layer of the OSI model. Each packet being passed along the network is compared to a set of default criteria or a set of rules configured by a network administrator.
Term

Stateful inspection

Definition
______ firewalls work at the Session layer of the OSI model by monitoring the condition, or state, of the connection.
Term

Proxy firewalls

Definition
____ work at the Application layer of the OSI model and require incoming and outgoing packets to have a proxy to access services. They can be used to monitor activity and logons.
Term

network-based

Definition
A ____ firewall is a dedicated hardware/software combination that protects all the computers on a network behind the firewall.
Term

host-based

Definition
A _____ firewall (also known as a personal firewall) is software that is installed directly on a host and filters incoming and outgoing packets to and from that host.
Term

stateless

Definition
A _____ firewall is a firewall that manages and maintains the connection state of a session through the filter to ensure that only authorized packets are permitted in sequence. It monitors network traffic and forwards or drops packets based on static rules.
Term

Stateful

Definition
A ____ firewall monitors communication paths and data flows on the network. It tracks the connection status and integrity of packets.
Term

implicit deny

Definition
The principle of ____ dictates that when using a firewall, anything that is not explicitly allowed is denied.
Term

demilitarized zone (DMZ)

Definition
A ____ is a small section of a private network that is located between two firewalls and made available for public access.
Term

proxy server

Definition
A ____ is a system that isolates internal clients from the servers by downloading and storing files on behalf of the clients.
Term

Network Access Control (NAC)

Definition
____ is a general term for the collected protocols, policies, and hardware that govern access on device network interconnections.
Term

Access Control List (ACL)

Definition
An ____ is a set of data (user names, passwords, time and date, IP addresses, MAC addresses, etc.) that is used to control access to a resource such as a computer, file, or network.
Term

Intrusion detection

Definition
____ is the process of monitoring the events occurring on a computer or a network, and analyzing them to detect possible incidents.
Term

incident

Definition
An ____ is a violation or an imminent threat of violation of both computer security policies and standard security practices.
Term

Intrusion Detection System (IDS)

Definition
An ____ is software or hardware, or a combination of both, that is used to quickly detect malicious behavior that compromises the integrity of a computer so that appropriate action can be taken.
Term

Network Intrusion Prevention System (NIPS)

Definition
A ____ is an inline security device that monitors suspicious network and/or system traffic and reacts in real time to block it.
Term

port scanner

Definition
A ____ is a type of software that searches a network host or a range of IP addresses for open TCP and UDP ports.
Term

Network scanners

Definition
____ are computer programs used for scanning networks to obtain user names, host names, groups, shares, and services.
Term

Internet Protocol Security (IPSec)

Definition
____ is a set of open, non-proprietary standards that you can use to secure data as it travels across the network or the Internet. It is often used with L2TP.
Term

Internet Key Exchange (IKE)

Definition
IPSec uses the ____ protocol to create a master key, which in turn is used to generate bulk encryption keys.
Term

Security Association (SA)

Definition
A ____ is the negotiated relationship between two computers using IPSec.
Term

Internet Security Association and Key Management Protocol (ISAKMP)

Definition
____ is a protocol used for setting up SAs and cryptographic keys in an Internet environment.