CompTIA Security + Ch 6
Card Set Information
CompTIA Security + Ch 6
Stateful Packet Inspection (SPI)
Packet inspection that keeps track of network connections by examining the header in each packet.
Either software or hardware based; designed to keep unauthorized traffic out, and allow authorized traffic in.
Inspects each packet that passes through the firewall to either accept or deny the packet based on certain criteria or rules.
Application-Level Gateway (ALG)
Applies security mechanisms to specific applications, such as FTP and /or BitTorrent. It supports address and port translation and checks whether the type of application traffic is allowed.
Works at the Session Layer of the OSI model and applies security mechanisms when a TCP or UDP connection is esablished.
A firewall that can control traffic associated with specific applications.
Denies all traffic unless the user is granted access.
When a rule is set to allow specific traffic through a firewall, often in an ACL (access control list)
When a rule is set to deny specific traffic through the firewall, often in an ACL.
Acts as a intermediary for clients usually located on a LAN and the servers that they want access that are usually located on the Internet.
Secures a network by keeping machines behind it anonymous; it does this by using NAT.
HTTP Proxy (web proxy)
Caches web pages from servers on the Internet for a set amount of time.
Internet Content Filter
Applied as software at the Application Layer and can filter out various types of services such as, websites, e-mail, instant messaging and more.
Generally a single computer, used to attract and trap a attacker from the rest of the network.
Same as Honeypot but uses multiple computers or servers to trap attackers from accesing your network.
Network Intrusion Detection System (NIDS)
A type of IDS that attemps to detect threats to your network bu use of port scans and DoS attacks, by constantly monitoring network traffic.
Network Intrusion Prevention System (NIPS)
Designed to inspect traffic, and based on its configuration or security policy, the system can remove, detain, or redirect malicious traffic.
When the system allows a user access that is not authorized to have access.
When the system denies access to a user that should have access.
Access Control List (ACL)
A list of permissions attached to an object. They specify what level of access a user, users or groups have to an object.
The border of a computer network, secured by firewalls and NIDS/NIPS solutions.
Ina network adapter, this passes all traffic to the CPU, not just the frames addresed to it.