



Domain 4 Communication and Network Security Test
Typology: Exams




Acknowledgment (ACK) - An acknowledgment of a signal being received.

Address Resolution Protocol (ARP) - Used at the Media Access Control (MAC) layer to provide for direct communication between two devices within the same LAN segment.

Advanced Persistent Threat (APT) - An adversary with sophisticated levels of expertise and significant resources who is able to use multiple different attack vectors (e.g., cyber, physical and deception) to achieve its objectives. Its objectives are typically to establish and extend footholds within the IT infrastructure of organizations in order to continually exfiltrate information and/or to undermine or impede critical aspects of a mission, program or organization, or place itself in a position to do so in the future. Moreover, the APT pursues its objectives repeatedly over an extended period of time, adapting to a defender's efforts to resist it, and with determination to maintain the level of interaction needed to execute its objectives.

Application Programming Interface (API) -
Detection (CSMA/CD) - A method of flow control in a network. If more than one station accesses the network simultaneously, the other stations detect the event and subsequently attempt retransmission.

Cellular Network - A radio network distributed over land areas called cells, each served by at least one fixed-location transceiver, known as a cell site or base station.

Circuit-Switched Network - A network that establishes a dedicated circuit between endpoints.

Code-Division Multiple Access (CDMA) - Every call's data is encoded with a unique key, then the calls are all transmitted at once.

Concentrators - Multiplex connected devices into one signal to be transmitted on a network.

Content Distribution Network (CDN) - A large, distributed system of servers deployed in multiple data centers, which moves content to achieve QoS and availability requirements.

Control Plane - Control of network functionality and programmability is directly made to devices at this layer. OpenFlow was the original framework/protocol specified to interface with devices through southbound interfaces.

Converged Protocols - A protocol that combines (or converges) standard protocols (such as TCP/IP) with proprietary or other non-standard protocols. These can sometimes provide greatly enhanced functionality and security to meet the needs of specific situations or industries. Adopting them can also complicate enterprise-wide security engineering efforts by requiring additional specialist knowledge and skills to manage and secure.

Domain Name Service (DNS) - This acronym can be applied to three interrelated elements: a service, a physical server and a network protocol.

Driver (Device Driver) - Software layer that provides an interface for accessing the functions of hardware devices. Typically used by the OS.

Dynamic Host Configuration Protocol (DHCP) -
each other and coordinate their activities with each other.

Intrusion Detection System (IDS) - A security service that monitors and analyzes network or system events for the purpose of finding and providing real-time or near real-time warning of attempts to access system resources in an unauthorized manner.

Intrusion Prevention Systems (IPS) - Uses available information to determine if an attack is underway and sends alerts but also blocks the attack from reaching its intended target.

Kill Chain, Cyber Kill Chain - A generalized attack model consisting of actions on the objective and six broad, overlapping sets of operational activities: reconnaissance, weaponization, delivery, exploitation, installation, command and control. APT actors often combine these operations in complex ways to achieve their goals; such attacks may span over many months. For defenders, the kill chain model highlights the temporary gain in security that can result by improved systems and organizational hardening across any or all of these areas.

Lightweight Directory Access Protocol (LDAP) -
optimize distinct network services.

Network Management - Monitors network performance and identifies attacks and failures. Mechanisms include components that enable network administrators to monitor and restrict resource access.

North-South Network Data Flow (or Traffic) -
Trusted Platform Module (TPM) - A tamper-resistant integrated circuit built into some computer motherboards that can perform cryptographic operations (including key generation) and protect small amounts of sensitive information, such as passwords and cryptographic keys.

Unbound (Wireless) Network(s) - Network in which physical layer interconnections are done using radio, light or other means not confined to wires, cables or fibers. Devices on unbound networks may or may not be mobile. See also Bound Network(s).

Virtual Local Area Networks (VLANs) - Allow network administrators to use switches to create software-based LAN segments that can be defined based on factors other than physical location.

Voice over Internet Protocol (VoIP) - A set of technologies that enables voice to be sent over a packet network.

Web Application Firewall (WAF) - A software-based firewall, which monitors and filters exchanges between an applications program and a host. WAFs usually involve inspection and filtering of HTTP and HTTPS conversations.

Wi-Fi (Wireless LAN IEEE 802.11x) - Primarily associated with computer networking, Wi-Fi uses the IEEE 802.11x specification to create a wireless LAN either public or private.

WiMAX (Broadband Wireless Access IEEE 802.16) - A well-known example of wireless broadband. WiMAX can potentially deliver data rates of more than 30 Mbps.

Zero Trust Model / Architecture - Replaces "trust, but verify" as security design principle by asserting that all activities attempted, by all users or entities, must be subject to control, authentication, authorization, and management at the most granular level possible. NIST and others have proposed zero trust architectures as guidance frameworks for organizations to use as they combine microsegmentation, access control, behavior modeling, and threat intelligence (among other techniques) in moving toward a zero trust implementation.