Defining Network Infrastructures and Network Security
The flashcards below were created by user on FreezingBlue Flashcards.
worldwide system of connected computer networks.
enormous system of interlinked hypertext documents that can be accessed with a web browser
World Wide Web (WWW)
an interactive type of web experience compared to the previous version 1.0.
a private computer network or single Web site that an organization implements in order to share data with employees around the world.
similar to an intranet except that it is extended to users outside a company, and possibly to entire organizations that are separate from or lateral to the company.
a connection between two or more computers or devices that are not on the same private network
virtual private network (VPN)
is the more commonly used protocol, but it is also the less secure option.
Point-to-Point Tunneling Protocol (PPTP)
is quickly gaining popularity due to the inclusion of IPsec as its security protocol
Layer 2 Tunneling Protocol (L2TP)
are primarily used to protect one network from another. They are often the first line of defense in network security. There
two types of filtering
- stateless packet inspection
- stateful packet inspection (SPI)
also known as pure packet filtering, does not retain memory of packets that have passed through the firewall.
stateless packet filter
also known as NAT endpoint filtering, filters traffic according to ports (TCP or UDP).
supports address and port translation and checks whether the type of application traffic is allowed.
Application-level gateway (ALG)
works at the session layer of the OSI model when a TCP or UDP connection is established.
acts as an intermediary between a LAN and the Internet.
attempts to serve client requests without actually contacting the remote server.
secures a network by keeping machines behind it anonymous; it does this through the use of NAT.
usually applied as software at the application layer and it can filter out various types of Internet activities, such as access to certain Web sites, email, instant messaging, and so on.
Internet content filter
a type of IDS that attempts to detect malicious network activities (e.g., port scans and DoS attacks) by constantly monitoring network
network intrusion detection system (NIDS)
designed to inspect traffic, and, based on its configuration or security policy, it can remove, detain, or redirect malicious traffic in addition to simply detecting it.
network intrusion prevention system (NIPS)
is a small network that is set up separately from a company’s private local area network and the Internet.
perimeter network or demilitarized zone (DMZ)
This configuration has a DMZ situated between two firewall devices, which could be black box appliances or Microsoft Internet Security and Acceleration (ISA) Servers.
usually attached to a separate connection of the company firewall.
3-leg perimeter configuration