Shared Flashcard Set

Details

IT223
Lecture 11
32
Computer Science
Undergraduate 2
05/06/2011

Cards

Term
information security deals with what?
Definition
information and information systems
Term
client-server model
Definition
computer processing is distributed over two or more computers
Term
what is a computer network
Definition
a collection of computers connected together to enable sharing of resources
Term
a computer is connected to a network via a ____
Definition
network interface
Term
source device
Definition
computer sending info on network
Term
destination device
Definition
requires addressing to get to
Term
ISO OSI reference model shows what
Definition
the many things that are needed to coordinate between two devices in order to communicate
Term
what does the ISO OSI reference model use?
Definition
layered architecture
Term
7 layers in client server
Definition
1 application
2 presentation
3 session
4 transport
5 network
6 data link
7 physical
Term
what 3 layers are called packet layers?
Definition
network, data link, and physical
Term
OSI is theoretical tool....most common implementation is ____
Definition
TCP/IP
Term
challenge with connecting internal network to internet is ____
Definition
inability to provide physical security
Term
VPN stands for what
Definition
virtual private network
Term
2 types of VPN?
Definition
IPSec and SSL
Term
IPSec is used with IPv4 and IPv6 and has what 2 protocols?
Definition
authentication header - provides the services authentication of origin and data integrity

encapsulating security payload - provides the service of confidentiality by encrypting data
Term
IPSec has 2 modes what are they?
Definition
transport and tunnel
Term
IPSec transport mode applies to the IP payload...the payload is protected but the IP header is not....this is good for what?
Definition
end-to-end communication between hosts
Term
IPSec tunnel mode applies to the entire IP packet...header and payload are sent encrypted...this is good for what?
Definition
intermediate devices in a communications path
Term
Secure Sockets Layer (SSL) is internet standard known as Transport Layer Security (TLS)...it allows what?
Definition
allows two systems to negotiate algorithms, transfer data with MACs for authentication of origin and data integrity, encrypted for confidentiality
Term
firewall
Definition
a system component designed to provide security between a trusted internal network and untrusted external network
Term
simplest type of firewall is a ___ filter...what does it do
Definition
stateless packet filter....examines the header of an IP packet and uses programmed policy rules to determine whether the packet should be forwarded or not
Term
demilitarized zone (DMZ)
Definition
servers that are designed to serve requests from outside are placed in DMZ
Term
DMZ screened host..what is it
Definition
place DMZ behind firewall separate from trusted network
Term
DMZ screened subnet is what?
Definition
DMZ is hidden between external router and internal router
Term
DMZ multi-homed host is used for what? and what is it?
Definition
used to implement policy rules regarding transfer of data between the three zones...requests from outside are never allowed to internal servers, only to DMZ servers that then forward it to internal server
Term
what is Network address translation (NAT)?
Definition
a technique that allows a network device to associate an external IP address with one or more internal IP addresses that are non-routable and translate addresses for data traffic in each direction
Term
what does NAT allow?
Definition
allows multiple devices to share a single IP address
Term
3 types of IDS
Definition
network-based
host-based - usually a server
application-based
Term
Signature based IDS does what?
Definition
examining the data content of network packets, files and other data resources and recognizing signatures
Term
anomaly based IDS does what?
Definition
comparing the activities of one process with the expected behavior/profile for that type of process
Term
honey pot
Definition
a host designed to attract attackers
Term
padded cell
Definition
when an IDS detects an attack in progress...it sends data to a padded cell where a hacker can try to cause damage but can't