2.1 Explain the importance of security concepts in an enterprise environment. Flashcards
Hot Site
a fully configured alternate network that can be quickly brought online after a disaster. With a hot site, systems and data are usually up-to-date.
Cold Site
an alternate location where a network can be rebuilt after a disaster occurred. A cold site can take some time to implement, as systems and assets (including data) are not readily configured and available for full use.
Warm Site
a dormant alternate location, or a location that performs noncritical functions under normal conditions but can be rapidly converted to a main operations site with minimal effort.
Failover
refers to system redundancy. With a failover configuration, an additional device is configured to function when the primary configuration fails.
Identify the removable device that when added to a system, provides cryptographic key generation, management, and storage.
HSM
HSM
A Hardware Security Module (HSM) is a device used to generate, maintain and store cryptographic keys. It can be an external device and can easily be added to a system. The HSM will maintain the integrity of the key.
TPM
The Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the system and provides secure key storage for full disk encryption.
SoC
A system on a chip includes all the functionality of a system in a compact solution. Mobile computing devices typically have this.
Hardware root of trust
A hardware root of trust is a known secure starting point by embedding a private key in the system. The key remains private until the public key is matched.
DLP
A Data Loss Prevention (DLP) system can integrate with a mail gateway server to examine the contents of the email or attachments and determine if it can be sent. This will prevent situations like the one mentioned from occurring.
Data at rest
Data at rest is when data is in some sort of persistent storage media. Examples include financial information stored in databases, archived audiovisual media, and operational policies.
In what state is data in when It is when data is transmitted over a network.
Data in transit and data in motion are the same. Examples include website traffic and remote access traffic, and data being synchronized between cloud repositories.
Which of the following is a method of securing sensitive information, such as an account number, into a random string of characters that requires no mathematical process?
Tokenization
Tokenization
Tokenization is a database de-identification method where all or part of data in a field is substituted with a randomly generated token. The token is stored with the original value separate to the production database.
SSL Accelerator
A Secure Socket Layer (SSL) Accelerator is a hardware device used to encrypt Transport Layer Security (TLS) traffic and should be placed close to the desired off-loading device.
