Network Security Controls: Types, Devices, and Policies

0.0(0)
studied byStudied by 0 people
0.0(0)
full-widthCall Kai
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
GameKnowt Play
Card Sorting

1/30

encourage image

There's no tags or description

Looks like no tags are added yet.

Study Analytics
Name
Mastery
Learn
Test
Matching
Spaced

No study sessions yet.

31 Terms

1
New cards

Technical Controls

Technology-based protections enforced by hardware/software.

2
New cards

Administrative Controls

Human-centered policies, procedures, and rules.

3
New cards

Physical Controls

Tangible protections to secure physical equipment.

4
New cards

Preventive Controls

Controls that stop incidents before they occur.

5
New cards

Detective Controls

Identify and alert when threats occur.

6
New cards

Corrective Controls

Fix or recover after an incident.

7
New cards

IDS (Intrusion Detection System)

Monitors traffic and alerts on suspicious activity.

8
New cards

IPS (Intrusion Prevention System)

Detects AND blocks threats in real time.

9
New cards

SIEM (Security Information and Event Management)

Collects & analyzes logs from multiple systems.

10
New cards

Firewall

A security device/software that monitors and filters traffic based on rules.

11
New cards

Hardware Firewall

A physical device at the network perimeter.

12
New cards

Software Firewall (Host-Based)

Installed on individual devices.

13
New cards

Cloud Firewall (FWaaS)

Firewall hosted in the cloud by a provider.

14
New cards

Virtual Firewall

Software firewall inside virtualized environments.

15
New cards

Stateless Firewall

Evaluates packets based only on header rules.

16
New cards

Stateful Firewall

Tracks connection states to make smarter decisions.

17
New cards

NGFW (Next-Generation Firewall)

Advanced firewall with deep packet inspection, IPS, app filtering.

18
New cards

WAF (Web Application Firewall)

Protects web applications from attacks.

19
New cards

DMZ (Demilitarized Zone)

A network segment that separates public-facing servers from the internal LAN.

20
New cards

VLANs

Logical LANs that group devices regardless of physical location.

21
New cards

Broadcast Domain

A group of devices that receive Layer 2 broadcasts.

22
New cards

Trunking

Method of tagging VLAN traffic so multiple VLANs can share 1 cable.

23
New cards

Subnet

A logical division of an IP network.

24
New cards

MAC Spoofing

Attacker changes MAC to impersonate a trusted device.

25
New cards

MAC Flooding

Overloads CAM table with fake MACs → fail-open mode.

26
New cards

Port Security

Limits which MAC addresses a switch port allows.

27
New cards

DHCP Snooping

Blocks rogue DHCP servers.

28
New cards

DAI (Dynamic ARP Inspection)

Validates ARP packets to stop ARP spoofing.

29
New cards

Network Access Control (NAC)

Controls which users/devices can join the network.

30
New cards

Physical Security

Locks, cages, cameras to protect hardware.

31
New cards

Firewall Configuration

Proper rules ensure only approved traffic enters.