Network address translation (NAT)
(1) A routing technology used by many firewalls to hide internal system addresses from an external network through use of an addressing schema. (2) A mechanism for mapping addresses on one network to addresses on another network, typically private addresses to public addresses.
Network address translation (NAT) and port address translation (PAT)
Both NAT and PAT are used to hide internal system addresses from an external network by mapping internal addresses to external addresses, by mapping internal addresses to a single external address or by using port numbers to link external system addresses with internal systems.
Network administrator
A person responsible for the overall design, implementation, and maintenance of a network. The scope of responsibilities includes overseeing network security, installing new applications, distributing software upgrades, monitoring daily activity, enforcing software licensing agreements, developing a storage management program, and providing for routine backups.
Network architecture
The philosophy and organizational concept for enabling communications among data processing equipment at multiple locations. The network architecture specifies the processors and terminals and defines the protocols and software used to accomplish accurate data communications. The set of layers and protocols (including formats and standards) that define a network.
Network-based intrusion detection systems (IDSs)
IDSs which detect attacks by capturing and analyzing network packets. Listening on a network segment or switch, one network-based IDS can monitor the network traffic affecting multiple hosts that are connected to the network segment.
Network-based intrusion prevention system
A program that performs packet sniffing and analyzes network traffic to identify and stop suspicious activity.
Network-based threats
Examples include (1) Web spoofing attack, which allows an impostor to shadow not only a single targeted server, but also every subsequent server accessed, (2) masquerading as a Web server using a man-in-the-middle (MitM) attack, whereby requests and responses are conveyed via the impostor as a watchful intermediary, (3) eavesdropping on messages in transit between a browser and server to glean information at a level of protocol below HTTP, (4) modifying the DNS mechanisms used by a computer to direct it to a false website to divulge sensitive information (i.e., pharming attack), (5) performing denial-of-service (DoS) attacks through available network interfaces, and (6) intercepting messages in transit and modifying their contents, substituting other contents, or simply replaying the transmission dialogue later in an attempt to disrupt the synchronization or integrity of the information.
Network behavior analysis system
An intrusion detection and prevention system (IDPS) that examines network traffic to identify and stop threats that generate unusual traffic flows.
Network configuration
A specific set of network resources that form a communications network at any given point in time, the operating characteristics of these network resources, and the physical and logical connections that have been defined between them.
Network congestion
Occurs when more traffic is sent through some part of the network than that part has the capacity to handle.
Network connection
Any logical or physical path from one host to another that makes possible the transmission of information from one host to the other. An example is a TCP connection. Also, when a host transmits an IP datagram employing only the services of its “connection-less” IP interpreter, there is a connection between the source and the destination hosts for this transaction.
Network control protocol (NCP)
Network Control Protocol (NCP) is one of the features of the Point-to-Point Protocol (PPP) used to negotiate network-layer options independent of the network layer protocol used.
Network device
A device that is part of and can send or receive electronic transmissions across a communications network. Network devices include end-system devices such as computers, terminals, or printers; intermediary devices such as bridges and routers that connect different parts of the communications network; and link devices or transmission media.
Network interface card (NIC)
Network interface cards are circuit boards used to transmit and receive commands and messages between a PC and a LAN. A NIC operates in the Data Link Layer of the ISO/OSI Reference model.
Network layer
Portion of an open system interconnection (OSI) system responsible for data transfer across the network, independent of both the media comprising the underlying sub-networks and the topology of those sub-networks.
Network layer security
Protects network communications at the layer that is responsible for routing packets across networks.
Network management
The discipline that describes how to monitor and control the managed network to ensure its operation and integrity and to ensure that communications services are provided in an efficient manner. Network management consists of fault management, configuration management, performance management, security management, and accounting management.
Network management architecture
The distribution of responsibility for management of different parts of the communications network among different managing-software-products. It describes the organization of the management of a network. The three types of network management architectures are the centralized, distributed, and distributed hierarchical network management architectures.
Network management protocol
A protocol that conveys information pertaining to the management of the communications network, including management operations from managers as well as responses to polling operations, notifications, and alarms from agents.
Network management software
Software that provides the capabilities for network and security monitoring and managing the network infrastructure, allowing systems personnel to administer the network effectively from a central location.
Network overload
A network begins carrying an excessive number of border gateway protocol (BGP) messages, overloading the router control processors and reducing the bandwidth available for data traffic.
Network protection device
A product such as a firewall or intrusion detection device that selectively blocks packet traffic based on configurable and emergent criteria.
Network protection testing
Testing that is applicable to network protection devices.
Network scanning tool
It involves using a port scanner to identify all hosts potentially connected to an organization’s network, the network services operating on those hosts (e.g., FTP and HTTP), and specific applications. The goal is to identify all active hosts and open ports.
Network security
The protection of networks and their services from all natural and human-made hazards. This includes protection against unauthorized access, modification, or destruction of data; denial-of-service; or theft.
Network security layer
Protecting network communications at the layer of the TCP/IP model that is responsible for routing packets across networks.
Network service worm
A worm that spreads by taking advantage of a vulnerability in a network service associated with an operating system or an application system.