10d. Firewalls and Other Appliances
CompTIA Network+ Firewalls and Other Appliances
44
Computer Networking
Professional
04/04/2012

Term
Most firewalls can be configured to provide some level of content ___ing. This can be done for both inbound and outbound content.
Definition
filtering
Term
Firewalls can be configured to detect certain ___s associated with malware or other undesirable applications and block them before they enter the network.
Definition
signatures
Term
Firewalls use ___ ___ ___ to translate the originating address of data into a different address to be used on the Internet.
Definition
Network Address Translation (NAT)
Term
The most common type of NAT is ___ ___ translation, which allows multiple devices on the network to share one single public address (or a few).
Definition
port address translation (PAT)
Term
___ filtering allows companies to control what pages can be viewed
Definition
URL
Term
___ management can prevent a user or system from hogging the network connection.
Definition
bandwidth
Term
A ___ firewall, aka a packet-filtering firewall, monitors each data packet and rejects or accepts it based on the source or destination address or port number listed in the packet header.
Definition
stateless
Term
A ___ firewall looks at each data packet in isolation and is unaware if a packet is part of a larger data stream.
Definition
stateless
Term
A ___ firewall monitors data traffic streams from one end to the other and refuses unsolicited incoming traffic that does not comply with dynamic or preconfigured firewall exception rules.
Definition
stateful
Term
___ firewalls examine both individual packets and packet streams at the application layer (DNS, SMTP, POP3, SNMP).
Definition
Stateful
Term
___ ___ enables the firewall to examine each packet that passes through it and determine what to do with it based on the configuration.
Definition
Packet filtering
Term
A packet-filtering firewall deals with packets at layers __ and __ of the OSI model.
Definition
2 and 3
Term
By filtering packets based on the ___ ___, a firewall can allow or deny traffic based on the source or destination address.
Definition
IP address
Term
By filtering packets based on the ___ ___, a firewall can use the TCP/IP suite port numbers to identify which service a certain packet is destined for.
Definition
port number
Term
By filtering packets based on the ___ ___, a firewall can be used to specify which protocols will and will not pass through the firewall.
Definition
protocol ID
Term
___ ___ means that if the proviso in question has not been explicitly granted, then it is denied. For example, if you explicitly say that you will allow traffic in from ports 21, 80, and 443, then all those not mentioned are denied access.
Definition
implicit deny
Term
Although an ___ ___ can apply to firewall configuration, the same principle can apply to an access control list (ACL), MAC address, or any similar configuration option.
Definition
implicit deny
Term
Filtering by ___ ___ is the least used method of packet filtering because it requires extensive knowledge of who uses which hardware.
Definition
MAC address
Term
___-___ firewalls are similar to packet-filtering firewalls but operate at the transport and session layers of the OSI model.
Definition
Circuit-level
Term
A ___-___ firewall validates TCP and UDP sessions before opening a connection, or circuit, through the firewall.
Definition
circuit-level
Term
An ___-___ firewall can inspect data packets traveling to or from an application.
Definition
application-layer
Term
___-___ firewalls are sometimes called proxy firewalls because the source and destination systems do not directly contact each other. Instead, the firewall proxy serves as a middle point.
Definition
application-layer
Term
Application-layer firewalls operate at the ___ layer of the OSI model.
Definition
application
Term
___-___ firewalls operate at Layers 2 and 3 of the OSI model and are designed to monitor traffic based on source, port, or destination in individual IP packets.
Definition
Packet-filtering
Term
___-___ firewalls use NAT to protect the internal network and have little or no connection to the application layer. They can protect traffic based only on a basic rule such as source, destination, or port.
Definition
Session-layer
Term
___-___ firewalls control browser, Telnet, and FTP traffic, prevent unwanted traffic, and perform logging and auditing of traffic passing through them.
Definition
Application-layer
Term
___-based firewall systems monitor traffic on the entire network segment.
Definition
Network
Term
A ___-based firewall is installed on an individual system and monitors and controls inbound and outbound traffic for just that system.
Definition
host
Term
Sometimes called a perimeter network, a ___ ___ is part of a network where you place servers that must be accessible by sources both outside and inside your network.
Definition
demilitarized zone (DMZ)
Term
A ___ ___ is not connected directly to either network, and it must always be accessed through the firewall.
Definition
demilitarized zone (DMZ)
Term
The ___ ___ system is a network device that continually scans the network looking for inappropriate activity. It can shut down any potential threats.
Definition
intrusion prevention system (IPS)
Term
The ___ ___ system is a passive system that can detect the presence of an attack, log that information and alert an administrator to the potential threat.
Definition
intrusion detection system (IDS)
Term
A ___-based Intrusion Detection System looks for variations in behavior such as unusually high traffic or policy violations, and so on.
Definition
behavior
Term
A ___-based IDS system, aka misuse-detection IDS (MD-IDS), is primarily focused on evaluating attacks based on attack signatures and audit trails.
Definition
signature
Term
A ___-based IDS system examines all network traffic to and from network systems. If it is software, it is installed on servers or other systems that can monitor inbound traffic. If it is hardware, it may be connected to a hub or switch to monitor traffic.
Definition
network
Term
A ___-based IDS system looks for spyware or virus applications on individual network systems.
Definition
host
Term
A ___-based IDS system monitors and analyzes protocols communicating between network devices.
Definition
protocol
Term
A ___-based IDS system monitors application-specific protocols.
Definition
application
Term
In addition to IPS and IDS, you can use a ___ ___ to increase remote-access security.
Definition
VPN concentrator
Term
A ___ ___ sits between the VPN client and the VPN server, creates the tunnel, authenticates users using the tunnel, and encrypts data traveling through the tunnel.
Definition
VPN concentrator
Term
A ___ is a system set up as a decoy to attract and deflect attacks from hackers.
Definition
honeypot
Term
A ___ is an entire network set up to monitor attacks from outsiders.
Definition
honeynet
Term
A ___ ___ runs tests on its target against a gamut of known vulnerabilities.
Definition
vulnerability scanner
Term
Nessus and nmap are two popular examples of a ___ ___.
Definition
vulnerability scanner