CompTIA Security+ Cert Prep 8 Network
Security and Design Imp Part2
(Answered) 100% Correct. Updated Fall
2024/2025.
Round Robin Scheduling
each server gets an equal number of requests
-load balancing
session persistence
routes an individual user's requests to the same server
-load balancing
active - active
An approach to load balancing where two or more load balancers actively handle network traffic and
continue to function with diminished capacity if one device fails
active - passive
An approach to load balancing where one bad load balancer handles all traffic while a second monitors
activity and assumes responsibility if the primary load balancer fails
Virtual Private Network (VPN)
work by using encryption to create a virtual tunnel between two systems over the internet
site-to-site VPN
encrypt tunnels connecting two networks together in a manner that is transparent to users
-connect remote offices to each other and headquarters
-tunnel mode
Remote Access VPN
End-UserVPN
Provide remote access to corporate networks for mobile users
-provide encrypted remote network access for individual systems
- transparent mode
VPN Endpoints
Firewalls, Routers, Servers, VPN Concentrators
VPN concentrator
, can handle high volumes of VPN usage
-high bandwidth traffic
Internet Protocol Security (IPSec)
A protocol suite for securing Internet Protocol (IP) communications.
- secures entire packet payload
SSL/TLS VPNs
work at the application layer over TCP port 443
-allowed through almost every firewall
full-tunnel VPN
All network traffic leaving the connected device is routed through the VPN tunnel, regardless of its final
destination
Split-tunnel VPN
Only traffic destined for the corporate network is sent through the VPN tunnel. Other traffic is routed
directly over the internet
-not recommended, false sense of security
protocol analyzers
called sniffers or network monitors, are used to capture packets in their raw format as they cross the
network
- Wireshark
libpcap
wireshark and tcpdump are both built on the _______ library
-same code base
Unified Threat Management (UTM)
comprehensive security management tool that combines multiple security tools, including firewalls,
virtual private networks, intrusion detection systems, and web content filtering and anti-spam software
perimeter security
keep unwanted remote users out of the network entirely through the use of firewalls and other controls
Network Access Control (NAC)
intercepts network traffic coming from unknown devices and verifies that the system and user are
authorized before allowing further communication
- uses 802.1x authentication
firewall rule management
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller ACADEMICAIDSTORE. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $11.39. You're not tied to anything after your purchase.
