CompTIA Security+ (SY0-601): Perimeter Security
This section explains perimeter security as the defense layer between internal networks and external WANs, utilizing various devices. It details firewall techniques like packet filtering—both stateless and stateful—and NAT filtering, which control traffic based on packet attributes, connection states, and port usage to protect the network boundary.
| Term | Definition |
|---|---|
| Perimeter Security | Security devices focused on the boundary between the LAN and the WAN in your organization’s network. Perimeter security relies on several different devices. |
| Firewalls: Packet Filtering | Inspects each packet passing through the firewall and accepts or rejects it based on the rules. Includes stateless and stateful packet filtering. |
| Firewalls: NAT Filtering | Filters traffic based upon the ports being utilized and the type of connection (TCP or UDP). |
| Firewalls: Application-Layer Gateway | Conducts an in-depth inspection based upon the application being used. |
| Firewalls: Circuit-Level Gateway | Operates at the session layer and only inspects the traffic during the establishment of the initial session over TCP or UDP. |
| Firewalls: Explicit Allow | Traffic is allowed to enter or leave the network because there is an ACL rule that specifically allows it. Example: `allow TCP 10.0.0.2 any port 80` |
| Firewalls: Explicit Deny | Traffic is denied the ability to enter or leave the network because there is an ACL rule that specifically denies it. Example: `deny TCP any any port 23` |
| Firewalls: Implicit Deny | Traffic is denied the ability to enter or leave the network because there is no specific rule that allows it. Example: `deny TCP any any port any` |
| WAF | Web Application Firewall: a WAF can prevent an XSS or SQL injection attack. |
| Proxy Server | A device that acts as a middleman between a device and a remote server. |
| IP Proxy | An IP proxy is used to secure a network by keeping its machines anonymous during web browsing. |
| Caching Proxy | Attempts to serve client requests by delivering content from itself without actually contacting the remote server. Disable Proxy Auto-Configuration (PAC) files for security. |
| Web Security Gateway | A go-between device that scans for viruses, filters unwanted content, and performs data loss prevention functions. |
| Honeypot/Honeynet | Honeypots and honeynets are used to attract and trap potential attackers. Honeypots are normally used in security research. |
| UTM | Unified Threat Management: a UTM may include a firewall, NIDS/NIPS, content filter, anti-malware, DLP, and VPN. A UTM is also known as a Next Generation Firewall (NGFW). |