2.1 Explain the importance of security concepts in an enterprise environment Flashcards
Diagrams
a graphical diagram that maps out the network, physical data (server),
and device
Baseline Config.
Documenting the security of a application (fire wall, patch levels, OS files) and checking for any deviations. (INTGREITY CHECK)
Standard Naming Conventions
A set of rules/standards of what something is named. (Files, devices, users, ports)
IP Schema
standardization for IP addressing. a way to assign IP address to users and devices without duplicating.
Data Sovereignty
Data in that country is subject to the Laws of that country.
Data Masking
is related to hiding original data by replacing data, mixing, shuffling so that the data is protected. (Data maybe visible on the server though)
Data Encryption
Plain text is encrypted into a ciphertext (algorithm) only way to decipher it is with a KEY.
Data at Rest
Data that is stored. If the data is stored it needs to be protected.
Data in Transit/Motion
Data being sent over the network. Needs to be protected by TLS, IPsec, firewall, IPS
Data in processing
Data actively used in memory (RAM, CPU).
This data is unencrypted because its in the memory.
Tokenization
Replaces sensitive numbers with a set of different numbers. A tokenization sever authenticates those 2nd set of number. (not encrypted)
IRM (information Rights Management )
Restricting what you do on a document such PDF, Microsoft docs, email messages.
DLP (Data Loss Prevention)
Intelligent system that protects/prevents your data from leaving you network.
Types of DLP
-Endpoint DLP data in use on a workstation (in and out)
-Network DLP in and out packets
-Blocks hardware (USB)
-Cloud DLP watches traffic, prevents data going to URLs, blocks malicious attacks
-Email DLP
Geographical Considerations
Considering laws and regulations of where your data is stored.
-Access, recovery,