Security + Computer System Security

DCOM 258 E31

Name: Shaamim Ahmed
Chapter 07: Network Perimeter Security
Part # 1

Define the following Key Terms (12 points)

Firewall
The most important strategic pieces in your network security design is the
firewall.
Understand other network security concepts such as packet filtering, access
control lists, proxy servers, and honeypots.
Packet filtering
Inspects each packet passing through the firewall and accepts or rejects it based
on rules
NAT filtering
Filters traffic according to ports (TCP or UDP)
Application-level gateway
Applies security mechanisms to specific applications, such as FTP
Circuit-level gateway
Works at the session layer of the OSI model and applies security mechanisms
when a TCP or UDP connection is established
Proxy Server
HTTP proxies (known as proxy servers) act as a go-between for the clients on the
network and the Internet. Simply stated, they cache website information for the
clients, reducing the amount of requests that need to be forwarded to the actual
corresponding web server on the Internet.
Honeypot
Generally, a single computer but could also be a file, group of files, or an area of
unused IP address space.
Honeynet
One or more computers, servers, or an area of a network; these are used when a
single honeypot is not sufficient.
Network intrusion detection system (NIDS)
A type of IDS that attempts to detect malicious network activities, for example
port scans and DoS attacks.
Network intrusion prevention system (NIPS)
Designed to inspect traffic, and based on its configuration or security policy, it can
remove, detain, or redirect malicious traffic.
The protocol analyzer (NIDS and/or NIPS)
Protocol analyzers such as Wireshark (Ethereal) or Network Monitor are loaded
on a computer and are controlled by the user in a GUI environment; they capture
packets enabling the user to analyze them and view their contents.
Some NIDS and NIPS integrate these into their system.

Security + Computer System Security

DCOM 258 E31

Part #2.

Short Answer Section (8 points)

1. Identify the five combination of network security devices and methodologies of

Unified Threat Management (UTM)
I.
Firewalls
II.
NIDS/NIPS
III.
Content filtering
IV. Antimalware systems
V. Data leak prevention
VI.
VPNs
2. What are the functions of the following concepts?
1. IP proxy
2. Caching proxy
3. Internet content filter
3. Data Loss Prevention (DLP) is designed to protect data by way of content
inspection. List the three concepts used.
I.
Network-based DLP
II.
Endpoint-based DLP
III.
Storage-based DLP
4. Describe:
1. Electro-magnetic interference (EMI)
Electromagnetic interference (EMI), a disturbance that can affect electrical circuits,
devices, and cables due to electromagnetic conduction or radiation.
2. Radio frequency interference (RFI)
Radio frequency interference (RFI), interference that can come from AM/FM
transmissions and cell towers.
3. Crosstalk
Crosstalk When a signal transmitted on one copper wire creates an undesired effect
on another wire; the signal bleeds over, so to speak.
4. Near-end crosstalk (NEXT)
If wires are not tightly twisted, the result is Near End Crosstalk (NEXT). Most of us
have experienced a telephone call where we could hear another conversation faintly
in the background.
5. Far-end crosstalk (FEXT)
Interference between two pairs of a cable measured at the other end of the cable with
respect to the interfering transmitter.

Security + Computer System Security

DCOM 258 E31