3.2 - CompTIA Security+

Security zones

Segments within a network designed to isolate and protect different types of data and services, categorized into trusted, untrusted, and semi-trusted areas.

Attack surface

The total sum of the vulnerabilities and entry points in a system that could be exploited by an attacker.

Connectivity

The manner in which components of a system are interconnected, influencing attack vectors and required security measures.

Fail-open

A condition where a security device/network component allows data to flow during a failure, potentially exposing the system to risks.

Fail-closed

A condition where a security device/network component prevents data flow during a failure.

Active monitoring configuration

A configuration that allows real-time analysis/prevention of security events, enabling immediate response to threats.

Passive monitoring configuration

A configuration that allows normal communication of devices while redirecting traffic to a monitoring device without impacting performance.

Jump server

A hardened device on an internal network accessible to outside users, allowing authorized connections to internal devices.

Proxy server

A network device that intercepts client requests and forwards responses back to clients.

Intrusion detection system (IDS)

A solution that detects unauthorized access to a network or system.

Intrusion prevention system (IPS)

A solution that detects and prevents unauthorized access to a network or system.

Load balancer

A device or software application that distributes incoming network traffic across multiple servers.

Sensors

Devices that monitor conditions in a network to gather data and identify potential threats.

Port security

Security measures applied to individual interfaces on a device or connections.

802.1X

A network protocol providing centralized authentication for devices trying to connect to a LAN or WLAN.

Extensible Authentication Protocol (EAP)

An authentication framework that supports multiple authentication methods for the authentication process.

Web application firewall (WAF)

Firewalls that analyze input into web applications to allow or block traffic based on the input.

Unified threat management (UTM)

Older firewalls that bundle multiple security features into a single device.

Next-generation firewall (NGFW)

A security solution that filters application-level traffic and includes features like deep packet inspection.

Layer 4 device

A firewall/network device that inspects traffic over OSI layer 4 (Transport layer).

Layer 7 device

A firewall/network device that inspects traffic over OSI layer 7 (Application layer).

Virtual private network (VPN)

A device that encrypts internet traffic and creates a secure tunnel for remote access.

Remote access

A method allowing users to connect to a private network over the internet for secure communication.

Tunneling

A technique used to encapsulate and encrypt data packets within another packet for secure transmission.

Transport Layer Security (TLS)

A cryptographic protocol for secure communication over a computer network, an upgrade to SSL.

Internet Protocol Security (IPSec)

A network security protocol used to encrypt IP packets and authenticate packet sources.

Software-defined wide area network (SD-WAN)

Networking technology using SDN to manage WAN performance.

Secure Access Service Edge (SASE)

A cloud-based architecture integrating network security functions with WAN capabilities.