Shared Flashcard Set

Details

CCNA Security 640-554 Terms
CCNA Security 640-554 Ch 12 - 22 Official Cert Guide
26
Computer Networking
Professional
05/09/2014
Click here to study/print these flashcards.

Create your own flash cards! Sign up here.

Additional Computer Networking Flashcards

 

 

Cards

Term
Define packet filtering
 Definition
Static check on known source / destination port & address
Term
Define transparent firewall
 Definition
Layer 2 FW that only analyzes traffic at layer 3
Term
What do standard ACL's filter on
 Definition
Source ip of packet
Term
What layers do ACL's work on
 Definition
Layer 3 & 4 IP and protocol inspection
Term
What is an embryonic connection
 Definition
A half open connection (Example TCP)
Term
Define stateful filtering
 Definition
Looks at layer 3 and compares to layer 7
Term
Does a stateful firewall dynamically allow return traffic
 Definition
Yes
Term
Give 2 examples of stateful firewalls
 Definition
ASA's & zone based firewalls
Term
Define an inside local NAT address
 Definition
The real ip address of the client
Term
Define inside global NAT address
 Definition
Managed ip address - real world sees this as the return ip
"My address to the real world"
Term
What does inside local become after NAT?
 Definition
Inside local becomes inside global after NAT
Term
Define outside local
 Definition
External ip address as it appears to inside hosts
Term
Example of a NAT outside local address
 Definition
Google DNS 8.8.8.8 becomes 10.1.1.8 internally after NAT
Term
SFR - IOS signatures definition
 Definition
Signature fidelity rating
Term
ASR - IOS signatures definition
 Definition
Attack severity rating
Term
TVR - IOS signatures definition
 Definition
Target value rating
Term
AR - IOS signatures definition
 Definition
Attack rating - minor value in calculating risk rating
Term
SDEE - IOS signatures
 Definition
Security device event exchange
Term
Is SDEE done in real time
 Definition
Yes
Term
Describe SDEE
 Definition
How admins are notified of security events
Term
How are security device event exchanges (SDEE) viewed?
 Definition
Cisco's IME software
Term
Define IME (in relation to Cisco's SDEE)
 Definition
IPS manager express
Term
Define unretired signature file
 Definition
Signature in use on the ASA or other security device
Term
Do unretired signature files consume memory
 Definition
Yes
Term
PSK
 Definition
Pre-Shared Key
Term
Define ISAKMP
 Definition
Internet Security Association and Key Management Protocol
Supporting users have an ad free experience!