Network Security Cheat Sheet
The core ideas of Network Security distilled into a single, scannable reference — perfect for review or quick lookup.
Quick Reference
Firewall
A network security device or software that monitors and filters incoming and outgoing network traffic based on predefined security rules. Firewalls establish a barrier between trusted internal networks and untrusted external networks such as the internet.
Intrusion Detection and Prevention Systems (IDS/IPS)
Security systems that monitor network traffic for suspicious activity. An IDS detects and alerts on potential threats, while an IPS can also take automated action to block or mitigate detected threats in real time.
Virtual Private Network (VPN)
A technology that creates an encrypted tunnel over a public network, allowing remote users to securely access a private network as if they were directly connected to it. VPNs protect data confidentiality and integrity during transmission.
CIA Triad
The three fundamental objectives of information security: Confidentiality ensures that data is accessible only to authorized parties, Integrity ensures that data is accurate and unaltered, and Availability ensures that systems and data are accessible when needed.
Zero Trust Architecture
A security model based on the principle of 'never trust, always verify.' It requires strict identity verification for every person and device attempting to access resources, regardless of whether they are inside or outside the network perimeter.
Network Segmentation
The practice of dividing a computer network into smaller subnetworks (segments or zones), each operating as its own network. This limits the lateral movement of attackers and contains breaches to a smaller portion of the infrastructure.
Encryption
The process of converting plaintext data into an unreadable ciphertext format using cryptographic algorithms and keys. Only parties with the correct decryption key can restore the data to its original form, protecting it from unauthorized access.
Denial-of-Service (DoS) Attack
An attack that aims to make a network resource or service unavailable to its intended users by overwhelming it with a flood of illegitimate traffic or exploiting a vulnerability that causes the system to crash. A Distributed Denial-of-Service (DDoS) attack uses multiple compromised systems to amplify the assault.
Public Key Infrastructure (PKI)
A framework of roles, policies, hardware, software, and procedures used to create, manage, distribute, store, and revoke digital certificates. PKI enables secure electronic communication by binding public keys to the identities of entities through a Certificate Authority (CA).
Penetration Testing
An authorized, simulated cyberattack performed on a computer system or network to evaluate its security posture. Penetration testers use the same techniques as malicious hackers to identify vulnerabilities before real attackers can exploit them.