Fundamentals of Firewalls

These flashcards cover key vocabulary and concepts related to the fundamentals of firewalls, essential for understanding network defense and countermeasures.

Firewall

A barrier between the world and your network, used to secure and control access.

Packet Filtering

A type of firewall that controls access by monitoring incoming and outgoing packets based on source/destination IP addresses and ports.

Stateful Packet Filtering

A firewall method that keeps track of active connections and monitors traffic based on the state of those connections.

Circuit Level Gateway

A virtual circuit between a proxy server and internal client that checks sessions without inspecting actual data.

Application Gateway

A firewall that examines connections between client and server applications, allowing for application-level authentication.

Host-Based Firewall

A software solution that runs on a host system to provide a firewall service.

Router-Based Firewall

A firewall placed between segments of a network, often the first line of defense, utilizing packet filtering.

Next-Generation Firewall (NGFW)

A firewall that combines packet inspection and stateful inspection methods with additional security features.

SYN Flood Attack

A type of denial-of-service attack that exploits the TCP handshake, aiming to overwhelm network resources.

Ping Flood Attack

A denial-of-service attack where the attacker sends a large number of ICMP Echo Request packets to target systems.

Deep Packet Inspection (DPI)

An advanced method of inspecting and filtering data packets transmitted over the Internet.

Demilitarized Zone (DMZ)

A physical or logical subnetwork that contains and exposes external-facing services to an untrusted network.

Dual-Homed Host

A firewall configuration that adds an additional interface to a host, providing extra security between networks.

Bastion Host

A heavily fortified computer designed to withstand attacks and provide a secure gateway into the network.

Network Address Translation (NAT)

A method of remapping IP address spaces by modifying network address information in IP packet headers while in transit.

TCP (Transmission Control Protocol)

A core protocol of the Internet Protocol Suite, responsible for ensuring reliable communication between network devices.

Application Layer Gateway

Also known as an application proxy; it inspects and controls incoming and outgoing traffic at the application layer.

Transport Layer Security (TLS)

Cryptographic protocol designed to provide communications security over a computer network.

Intrusion Detection System (IDS)

A device or software application that monitors a network or systems for malicious activity or policy violations.

Packet Header

The part of a packet that contains metadata such as IP addresses, port numbers, and protocols.

Port

A virtual endpoint for sending and receiving data packets, identified by a number and used to establish communication channels.

User Authentication

The process of verifying the identity of a user who is attempting to access a firewall or network.

Filtering Rules

Criteria set on a firewall to determine which network traffic should be allowed or blocked.

Malware Filtering

The process of detecting and preventing malware from entering the network.

Stateful Inspection

A firewall capability to track the state of active connections and make decisions based on the state and context of traffic.

Spoofing

The act of disguising communication from an unknown source as being from a known, trusted source.

Access Control List (ACL)

A set of rules that define what traffic is allowed or denied within a network.

Security Policy

A defined set of procedures to protect a network and its assets from security threats.

Network Security

The practice of safeguarding a computer network from intruders, whether targeted attackers or opportunistic malware.

Firewall Administration

Management and configuration of firewall rules and settings to ensure optimal performance and security.

Virtual Private Network (VPN)

A technology that creates a secure connection over a less secure network, such as the Internet.

Internet Protocol (IP)

The principal communications protocol for relaying datagrams across network boundaries.

Intrusion Prevention System (IPS)

A network security appliance that monitors network or system activities for malicious activities or policy violations.

Scalability

The capability of a network to handle growth, particularly in terms of traffic and number of users.

Configuration Management

The process of systematically managing changes to a system in a way that maintains integrity over time.

User Education

Training given to users to help them understand security risks and proper practices to avoid threats.

Logging and Monitoring

The practice of recording and overseeing events occurring in a network to detect irregularities and potential threats.

Implementation Plan

A detailed proposal for a firewall's deployment, including its setup and operational procedures.

Firewall Evaluation

The process of assessing different firewall solutions to determine their suitability for specific security needs.

Security Risk Assessment

The process of identifying, analyzing, and evaluating risks to a network's security.

Protocol Standards

Agreed-upon specifications for data communication, defining the rules for data exchange.