Domain 4.5

Firewall

Device that filters network traffic

Rules

Conditions that allow or block traffic

Access lists

List of allowed or denied traffic

Ports/protocols

Communication channels and rules

Screened subnets

Isolated network segment for security

IDS

System that detects attacks and sends alerts.

Trends

Patterns of suspicious activity

Signatures

Known attack patterns

Web filter

System that blocks unsafe websites

Centralized proxy

server that filters internet traffic

URL scanning

Checking websites for threats

Content categorization

Grouping websites by type

Block rules

Rules that block certain sites

Reputation

Trust score for websites

Operating system security

Protection for the operating system

Group Policy

Central control of system settings

SELinux

Linux system that restricts access

Secure protocols

Protocols that protect data in transit

Protocol selection

Choosing a secure protocol

Port selection

Choosing a communication port

Transport method

How data moves across networks

DNS filtering

Blocking harmful websites through DNS

Email security

Protection against email threats

DMARC

Email rule that prevents spoofing

DKIM

Signature verifying email authenticity

SPF

Checks if sender is allowed to send email

Gateway

System that filters incoming email

File integrity monitoring

Detects changes to important files

NAC

checks devices before allowing them onto a network.

EDR

Detects and responds to endpoint threats

XDR

Detects & responds to threats across multiple systems

User behavior analytics

Detects unusual user activity

IPS

System that detects and blocks attacks.