2.1 Explain the Importance of security concepts in an enterprise environment Flashcards
Helps ensure that systems are deployed in a secure and consistent state and that they stay in a secure and consistent state throughout their lifetime.
Configuration Management
The initial implementation of a system under the standardized minimal level of security that all systems in an organization must comply with.
Baseline Configuration
The concept that, once information has been converted into a binary form and stored as digital files, it is subject to the laws of the country within which the storage device resides.
Data Sovereignty
The collection of security measures intended to control access in order to optimize the protection of confidentiality, integrity and availability (CIA)
Data Protection
Systems specifically implemented to detect and prevent unauthorized access to, use of, or transmission of sensitive information.
Data Loss Prevention (DLP)
The hiding of content when being displayed or printed.
Masking
Data States
At rest, in transit/ motion and in processing.
Uses unique identifying symbols / characters to represent sensitive data.
Tokenization
The governance of the permissions and privileges granted to users.
Rights management
Used to encrypt traffic between a web browser and web server.
Secure Sockets Layer (SSL) and Transport Layer Security (TLS)
A dedicated device used to decode secure communications for the purpose of filtering and monitoring.
SSL/ TLS inspection
Providing a secondary location where a business can be moved and mission-critical business operations can be performed. The three levels of alternate sites are are: hot, warm, and cold.
Site resiliency
A fictitious environment designed to fool attackers and intruders and lure them away from the private secured network.
Honeypots
False work files that are used to tempt intruders or problematic insiders.
Honeyfiles
Two or more networked honeypots used in tandem to monitor or recreate larger, more diverse network arrangements.
Honeynets
