2.1 Explain the importance of security concepts in an enterprise environment Flashcards

1
Q

Diagrams

A

A graphical diagram that maps out the network, physical data (server), and device.

2
Q

Baseline Config.

A

Documenting the security of an application (firewall, patch levels, OS files) and checking for any deviations. (INTEGRITY CHECK)

3
Q

Standard Naming Conventions

A

A set of rules/standards for what something is named (files, devices, users, ports).

4
Q

IP Schema

A

Standardization for IP addressing. A way to assign IP addresses to users and devices without duplicating.

5
Q

Data Sovereignty

A

Data in a country is subject to the laws of that country.

6
Q

Data Masking

A

Hiding original data by replacing, mixing, or shuffling it so that the data is protected. (Data may be visible on the server, though.)

7
Q

Data Encryption

A

Plaintext is encrypted into ciphertext (algorithm); the only way to decipher it is with a KEY.

8
Q

Data at Rest

A

Data that is stored. If the data is stored it needs to be protected.

9
Q

Data in Transit/Motion

A

Data being sent over the network. Needs to be protected by TLS, IPsec, firewall, IPS.

10
Q

Data in processing

A

Data actively used in memory (RAM, CPU).
This data is unencrypted because it's in memory.

11
Q

Tokenization

A

Replaces sensitive numbers with a set of different numbers. A tokenization server authenticates that second set of numbers. (Not encrypted.)

12
Q

IRM (Information Rights Management)

A

Restricting what you can do with a document, such as PDFs, Microsoft docs, email messages.

13
Q

DLP (Data Loss Prevention)

A

Intelligent system that protects/prevents your data from leaving your network.

14
Q

Types of DLP

A

- Endpoint DLP: data in use on a workstation (in and out)
- Network DLP: in and out packets
- Blocks hardware (USB)
- Cloud DLP: watches traffic, prevents data going to URLs, blocks malicious attacks
- Email DLP

15
Q

Geographical Considerations

A

Considering laws and regulations of where your data is stored.
-Access, recovery,

16
Q

Response and Recovery Controls

A

Documenting/identifying an attack and containing it. (Reduces the impact of the attack.)

17
Q

SSL/TLS Inspection

A

There is a client server that inspects incoming traffic before it reaches the client. Decrypts data at the firewall by using CA certificates.

18
Q

Hashing

A

One-way encryption through a mathematical process (there is no reversing it). Fixed length.

19
Q

API Considerations

A
20
Q

Site Resiliency

A

Having a recovery site for data available when there is a disaster.

21
Q

Hot Site

A

An exact replica of the original site. Data will be synchronized in real time (hardware and infrastructure).

22
Q

Cold Site

A

An empty site that has little to no hardware or infrastructure. Will take weeks to be operational.

23
Q

Warm site

A

Has some equipment for a recovery site. Usually up within a few days.

24
Q

Honeypots

A

A fake server that attracts an attacker. Designed to look like your actual server.

25
Q

Honeynet

A

A collection of honeypots. Designed to look like a corporate network.

26
Q

Honeyfiles

A

Files that send alerts for unauthorized activity. (Seem real.)

27
Q

Fake telemetry

A

Fake traffic being sent over a network. Makes honeypots and honeynets look real.

28
Q

DNS Sinkhole

A

Users who try to visit a malicious site are redirected with a fake DNS so that you can identify the infected user. (Combats bots.)