Quiz 3 study guide

Chapter 5 Study Guide

Key Concepts

Firewalls

  • Application Proxy Firewall

    • Advanced firewall handling traffic between two systems.

    • Connects to each system separately, filtering traffic based on rules.

  • Border Firewall

    • Separates a secure network from public networks (e.g., Internet).

  • Packet-Filtering Firewall

    • Inspects each packet against rules to permit or deny passage.

  • Stateful Inspection Firewall

    • Examines the state of connections, beyond simple address and port rules.

Network Architecture & Protocols

  • Demilitarized Zone (DMZ)

    • Exterior network acting as a buffer between public Internet and private IT infrastructure.

  • Dynamic Host Configuration Protocol (DHCP)

    • Automatically provides configuration details to client computers on IP networks.

  • Internet Control Message Protocol (ICMP)

    • Management protocol used for error reporting and diagnostics on IP networks.

  • Internet Protocol Security (IPSec)

    • Suite of protocols connecting sites securely using IP networks.

Addressing

  • IP Address

    • Unique identifier for a device on a network; can be IPv4 (32-bit) or IPv6 (128-bit).

  • MAC Address Filter

    • Firewall rule filtering wireless traffic based on device MAC addresses.

  • Network Address Translation (NAT)

    • Hides a system's internal IP address by using a public IP address.

  • Network Port

    • A hardware port for cabling or a software construct for network message routing.

Network Devices

  • Hub

    • Legacy device that connects network segments, echoing all traffic to all ports.

  • Router

    • Connects multiple networks and routes packets based on predetermined paths.

  • Switch

    • Connects network segments, facilitating direct communication between devices.

  • Wireless Access Point (WAP)

    • Radio device receiving and transmitting IP communications via wireless technology.

Security Standards

  • Secure Sockets Layer (SSL)/Transport Layer Security (TLS)

    • Cryptographic protocols for secure network communications; TLS is the successor to SSL.

  • Wi-Fi Protected Access (WPA)

    • Stronger encryption method for wireless networks, recommended over WEP.

  • Wired Equivalent Privacy (WEP)

    • A legacy and weak wireless encryption standard.

Additional Concepts

  • Extensible Authentication Protocol (EAP)

    • Authentication framework for key and credential transport, often used in wireless networks.

  • Network Access Control (NAC)

    • Restricts network access based on identity and configured rules.

  • Subnet

    • Division of a network, sharing the same network address in IP addressing.

  • Wide Area Networks (WANs)

    • WANs are extensive telecommunication networks that cover a broad geographic area. They can connect systems across cities, countries, or even globally.

  • Local Area Networks (LANs)

    • LANs are networks confined to a relatively small geographic area, such as a single building, office, or campus.

  • Virtual LANs

    • A collection of logically related network devices that are viewed as a partitioned network segment. Gives administrators the ability to separate network segments without having to physically separate the network cabling.

  • IPv4 address

    • A 4-byte (32-bit) address that uniquely identifies a device on a network.

  • IPv6 address

    • A 16-byte (128-bit) address that uniquely identifies a device on a network.
