If you’re planning to take the SY0-501 exam, you should have a basic understanding of implementing a secure network. This includes using various network devices to support organizational security.
For example, can you answer this practice test question?
Q. Your email server is getting overloaded with spam and much of it is malicious. You need to implement a solution that can help reduce the amount of spam reaching the email server. Which of the following is the BEST choice?
A. Reverse proxy
B. Media gateway
C. Web application firewall
D. Mail gateway
More importantly, do you know why the correct answer is correct and the incorrect answers are incorrect? The answer and explanation are available at the end of this post.
Media Gateway
A media gateway is a device that converts data from the format used on one network to the format used on another network. As an example, a VoIP gateway converts telephony traffic between traditional phone lines and an IP-based network. This allows users to make and receive phone calls using VoIP equipment, while the gateway translates the traffic and transmits the calls over a traditional phone line.
Proxy Servers
Many networks use proxy servers (or forward proxy servers) to forward requests for services (such as HTTP or HTTPS) from clients. They can improve performance by caching content and some proxy servers can restrict users’ access to inappropriate web sites by filtering content. A proxy server is located on the edge of the network bordering the Internet and the intranet, as shown in the figure.
Administrators configure internal clients to use the proxy server for specific protocols. The proxy accepts their requests, retrieves the content from the Internet, and then returns the data to the client. Most proxy servers only act as a proxy for HTTP and HTTPS. However, proxy servers can also proxy other Internet protocols, such as FTP.
Caching Content for Performance
The proxy server increases the performance of Internet requests by caching each result received from the Internet. Any data that is in the proxy server’s cache doesn’t need to be retrieved from the Internet again to fulfill another client’s request. In this context, cache simply means “temporary storage.” Cache could be a dedicated area of RAM, or, in some situations, it could also be an area on a high-performance disk subsystem.
As an example, if Lisa retrieves a web page from GetCertifiedGetAhead.com, the proxy server would store the result in cache. If Homer later requests the same page, the proxy server retrieves the page from cache and sends it to Homer. This reduces the amount of Internet bandwidth used for web browsing because the page doesn’t need to be retrieved again.
Mail Gateways
A mail gateway is a server that examines all incoming and outgoing email and attempts to reduce risks associated with email. Many vendors sell appliances that perform all the desired services of a mail gateway. Administrators locate it between the email server and the Internet and configure it for their purposes. All mail goes to the gateway before it goes to the email server. Additionally, many vendors include a mail gateway within a UTM appliance. The mail gateway is just another security feature within the UTM appliance.
Spam is unsolicited email and attackers commonly use spam to launch attacks. For example, spam can include malware as an attachment or it might include a link to a malicious web site. A spam filter within a mail gateway filters out spam from incoming email. By filtering out spam, it helps block attacks.
Mail gateways often include data loss prevention (DLP) capabilities. They examine outgoing email looking for confidential or sensitive information and block any email that contains it. As an example, imagine an organization is working on a secret project with a codeword of “DOH.” All documents associated with this project have the keyword within them. The mail gateway includes this keyword in its searches and when it detects the keyword within an email or an attachment, it blocks the email. Administrators have the choice of configuring the gateway to notify security personnel, the user who sent the email, or both when it blocks an email.
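The keyword check described above can be sketched in a few lines. This is an added example, not code from the study guide or from any vendor's gateway. The addresses, the file name notes.txt, and the function names are assumptions made for illustration. It shows why a gateway must decode attachments before searching: the codeword never appears in the raw bytes of a base64-encoded attachment.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage

KEYWORD = re.compile(r"\bDOH\b")        # codeword from the example above, whole word only
SECURITY_ADDR = "security@example.com"  # hypothetical security mailbox

def inspect_outgoing(raw, notify=("security", "sender")):
    """Decide whether one outgoing message is delivered or blocked.

    notify mirrors the administrator's choice: security personnel,
    the sending user, or both.
    """
    msg = message_from_bytes(raw, policy=policy.default)
    hits = []
    if KEYWORD.search(str(msg.get("Subject", ""))):
        hits.append("subject")
    for part in msg.walk():
        if part.is_multipart():
            continue  # containers hold no content of their own
        # decode=True undoes base64 / quoted-printable transfer encoding
        data = part.get_payload(decode=True) or b""
        text = data.decode(part.get_content_charset() or "utf-8", errors="replace")
        if KEYWORD.search(text):
            hits.append(part.get_filename() or "body")
    if not hits:
        return {"action": "deliver", "hits": [], "notify": []}
    recipients = []
    if "security" in notify:
        recipients.append(SECURITY_ADDR)
    if "sender" in notify:
        recipients.append(str(msg["From"]))
    return {"action": "block", "hits": hits, "notify": recipients}

def build_sample(body, attachment=None):
    """Construct a sample outgoing message (constructed test data)."""
    m = EmailMessage()
    m["From"] = "homer@example.com"
    m["To"] = "partner@example.net"
    m["Subject"] = "Status update"
    m.set_content(body)
    if attachment is not None:
        # bytes attachments are base64-encoded on the wire by default
        m.add_attachment(attachment.encode(), maintype="application",
                         subtype="octet-stream", filename="notes.txt")
    return m.as_bytes()

if __name__ == "__main__":
    raw = build_sample("Lunch at noon", attachment="Project DOH budget")
    print(b"DOH" in raw, inspect_outgoing(raw))
```

A real gateway would also unpack archives and document formats such as PDF or Office files, which this sketch does not attempt.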
Many mail gateways also support encryption. They can encrypt all outgoing email to ensure confidentiality for the data-in-transit, or only encrypt certain data based on policies. For example, if an organization is working on a project with another organization, administrators can configure the gateway to encrypt all traffic sent to the other organization. The method of encryption varies from vendor to vendor. For example, some vendors use certificate-based encryption. Others use password-based encryption.
Q. Your email server is getting overloaded with spam and much of it is malicious. You need to implement a solution that can help reduce the amount of spam reaching the email server. Which of the following is the BEST choice?
A. Reverse proxy
B. Media gateway
C. Web application firewall
D. Mail gateway
Answer is D. A mail gateway is placed between an email server and the Internet and it can filter out spam.
None of the other solutions includes a spam filter.
A reverse proxy protects an internal web server.
A media gateway converts data from one format to another, such as telephony traffic to IP-based traffic.
A web application firewall protects a web server.
See Chapter 3 of the CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide for more information on implementing a secure network.