LAN Security and Firewalls Overview

A set of flashcards covering key terms and concepts related to LAN security, device hardening, firewalls, and common security practices.

CIA Triad

A fundamental model for information security composed of three core principles: Confidentiality, Integrity, and Availability, ensuring the protection of information assets.

Confidentiality (CIA Triad)

The principle of protecting information from unauthorized access, ensuring that only authorized individuals, entities, or processes can view or disclose sensitive data.

Integrity (CIA Triad)

The principle of maintaining the accuracy, consistency, and trustworthiness of data over its entire lifecycle, protecting it from unauthorized modification or destruction.

Availability (CIA Triad)

The principle of ensuring that systems, data, and services are accessible and usable by authorized users when needed, often through redundant systems and disaster recovery plans.

Managerial / Administrative Controls

Security controls that involve policies, procedures, guidelines, and rules set by management to govern organizational behavior and implement security objectives (e.g., security awareness training, incident response plans).

Operational Controls

Security controls implemented and executed by people in the daily operations of a system or network to enforce security policies (e.g., user access reviews, vulnerability management, security auditing).

Physical Controls

Tangible security measures implemented to prevent or deter unauthorized physical access to sensitive areas, equipment, and data centers (e.g., locked doors, access cards, security guards).

Technical Controls

Security controls implemented through hardware or software tools and mechanisms to protect systems and data (e.g., firewalls, encryption, authentication systems).

Preventive Controls

Security measures designed to stop security incidents from occurring in the first place, acting proactively to avert threats (e.g., firewalls, strong authentication, access control lists).

Deterrent Controls

Security measures intended to discourage potential attackers from attempting to breach security, often by making the attack effort seem too difficult or risky (e.g., security cameras, warning signs, visible security guards).

Detective Controls

Security measures designed to identify and detect security incidents or intrusions that have already occurred or are in progress (e.g., intrusion detection systems, audit logs, security cameras for review).

Corrective Controls

Security measures implemented to fix vulnerabilities, restore systems, or recover data after a security incident has occurred (e.g., patching systems, restoring from backups, incident response procedures).

Compensating Controls

Alternative security controls implemented when a primary control is not feasible, too expensive, or cannot fully meet the security requirements, providing an equivalent level of protection.

Directive Controls

Security controls that provide guidance, rules, or instructions to users or systems on how to act to maintain security (e.g., security policies, acceptable use policies, sign-in procedures).

Bollards

Physical barriers, typically strong posts, used to block vehicle access to sensitive areas, channel pedestrian flow, or protect buildings from impact.

Access Control Vestibule (Mantrap)

A security entryway designed with two interlocking doors where the first door must close before the second one can open, allowing for "one at a time" entry and often used for biometric verification.

Security Fences

Physical barriers used to define property boundaries, restrict access, and deter unauthorized entry to secure areas.

Security Signs

Warning or informational signs used to communicate security policies, presence of surveillance, or restricted access areas to deter unauthorized individuals.

Security Guards (Physical Control)

Personnel, human or robotic, responsible for monitoring access points, patrolling premises, enforcing security policies, and responding to suspicious activities.

Access Badges

Identification cards used for physical access control, often incorporating technologies like RFID, which log movement and link physical access to digital identities and permissions.

Security Lighting

Illumination deployed in and around secure premises to deter intruders by increasing visibility and making unauthorized activities more noticeable, especially in dark areas.

Security Sensors

Devices used to detect various physical phenomena, such as motion, pressure, or movement, to identify potential intrusions or unauthorized presence in secured areas.

Motion Sensors

Electronic devices that detect physical movement in a monitored area, often using technologies like infrared, microwave, or ultrasonic waves, to trigger alarms or surveillance.

Pressure Sensors

Sensors that detect changes in pressure applied to a surface, commonly used in floor mats or under objects to identify presence or tampering.

Movement Sensors

General term for sensors designed to detect various forms of physical movement within a protected zone.

Infrared Sensors

Motion sensors that detect changes in heat (infrared radiation) emitted by living beings, commonly used for intrusion detection in security systems.

Microwave Sensors

Motion sensors that emit microwave energy and detect changes in the reflected pattern when movement occurs, capable of covering larger areas than infrared sensors.

Ultrasonic Sensors

Motion sensors that emit high-frequency sound waves and detect changes in the echo pattern to identify movement within a confined space.

Video Surveillance (CCTV)

The use of Closed-Circuit Television (CCTV) systems to monitor and record activities in secure areas, crucial for deterrence, detection, and evidence collection, requiring proper coverage, resolution, storage, and privacy considerations.

Security Locks

Mechanisms designed to control access to physical spaces or objects, ranging from simple mechanical devices to advanced electronic and biometric systems.

Mechanical Locks

Traditional locks operated with a physical key or combination, such as deadbolts and knob locks, relying on internal tumblers or pins.