CHAPTER 7
NAT
Port address translation (PAT) - Variation of NAT in which outgoing packets are given same IP address but different TCP port number
NIDS
NIDS sensors installed on firewalls and routers to gather information and report back to central device
IPS
Intrusion prevention system (IPS) - Monitors to detect malicious activities like IDS does but also attempts to prevent them by stopping attack
Network intrusion prevention system (NIPS) - Similar to active NIDS that monitors network traffic to immediately react to malicious attack
NIPS vs NIDS
NIDS has sensors that monitor traffic entering and leaving firewall, and reports back to central device for analysis
NIPS would be located “in line” on firewall itself to allow NIPS to more quickly take action to block attack
Application-aware IPS - Knows information like applications and operating systems so that it can provide higher degree of accuracy
NAC
Network access control (NAC) - Examines current state of system or network device before allowing network connection
If requirements not met, NAC allows connection to quarantine network until deficiencies are corrected
SUBNETTING
Classful addressing - Split between network and host portions falls on boundaries between bytes
Subnetting or subnet addressing - IP address split anywhere within its 32 bits
Each network can contain several subnets, and each subnet connected through different routers can contain multiple hosts
REMOTE ACCESS
Remote access - Any combination of hardware and software that enables remote users to access local internal network
Remote access provides remote users with same access and functionality as local users through VPN or dial-up connection
VLAN
Virtual LAN (VLAN) - Segment network by separating devices into logical groups
VLAN allows scattered users to be logically grouped together even though physically attached to different switches