2.1 Explain the importance of security concepts in an enterprise environment

Question 1

What is Configuration management in enterprise security?

Answer 1

Configuration management in enterprise security refers to the process of establishing and maintaining consistency of performance, functional, and physical attributes of systems, networks, or devices through controls, policies, and procedures to mitigate risks and ensure compliance.

Question 2

What term describes the process of maintaining consistency of system attributes for security and compliance?

Answer 2

Configuration management

Question 3

What are Diagrams in enterprise security?

Answer 3

Diagrams in enterprise security refer to visual representations or blueprints that illustrate the architecture, design, components, and relationships of systems, networks, or infrastructure, aiding in understanding, communication, planning, and documentation of security controls and configurations.

Question 4

What term describes visual representations illustrating the architecture and components of systems or networks?

Answer 4

Diagrams

Question 5

What is Baseline configuration in enterprise security?

Answer 5

Baseline configuration in enterprise security refers to the standard or predefined settings, configurations, or states established for systems, networks, or applications as a reference point for security, performance, or compliance, serving as a foundation for monitoring, comparison, and deviation detection.

Question 6

What term describes the standard settings established as a reference point for system configurations?

Answer 6

Baseline configuration

Question 7

What are Standard naming conventions in enterprise security?

Answer 7

Standard naming conventions in enterprise security refer to established guidelines or rules for naming systems, files, users, or resources consistently and informatively, facilitating organization, management, and identification of assets, data, or entities within an environment.

Question 8

What term describes established guidelines for naming resources consistently within an organization?

Answer 8

Standard naming conventions

Question 9

What is Internet protocol (IP) schema in enterprise security?

Answer 9

Internet protocol (IP) schema in enterprise security refers to the logical addressing structure and allocation of IP addresses within a network, defining the range, subnetting, hierarchy, or assignment methods to ensure efficient routing, communication, and management of network traffic and devices.

Question 10

What term describes the logical addressing structure and allocation of IP addresses within a network?

Answer 10

Internet protocol (IP) schema

Question 11

What is Data sovereignty in enterprise security?

Answer 11

Data sovereignty in enterprise security refers to the concept and legal framework that determines the jurisdiction, ownership, control, and regulatory compliance requirements governing the storage, processing, or movement of data across geographical boundaries or regions.

Question 12

What term describes the concept determining the jurisdiction and regulatory requirements for data storage and processing?

Answer 12

Data sovereignty

Question 13

What is Data protection in enterprise security?

Answer 13

Data protection in enterprise security refers to the implementation of controls, technologies, and policies to safeguard sensitive or confidential information from unauthorized access, disclosure, alteration, or destruction, ensuring confidentiality, integrity, and availability of data assets.

Question 14

What term describes the implementation of controls to safeguard sensitive information from unauthorized access?

Answer 14

Data protection

Question 15

What is Data loss prevention (DLP) in enterprise security?

Answer 15

Data loss prevention (DLP) in enterprise security refers to the strategy, technologies, and processes designed to prevent, detect, and mitigate the unauthorized or inadvertent leakage, exfiltration, or exposure of sensitive data from within an organization, whether at rest, in transit, or in use.

Question 16

What term describes the strategy and technologies used to prevent unauthorized leakage of sensitive data?

Answer 16

Data loss prevention (DLP)

Question 17

What is Masking in enterprise security?

Answer 17

Masking in enterprise security refers to the technique of concealing or obfuscating sensitive or confidential data by replacing or obscuring certain characters or portions of the information, preserving its format and usability while preventing unauthorized access or disclosure.

Question 18

What term describes the technique of concealing sensitive information by replacing or obscuring certain characters?

Answer 18

Masking

Question 19

What is Encryption at rest in an enterprise environment?

Answer 19

Encryption at rest in an enterprise environment refers to the encryption of data while it is stored or persisted in databases, filesystems, or storage devices, ensuring that even if the storage media is compromised, the data remains unreadable and protected from unauthorized access.

Question 20

What term describes the encryption of data while it is stored in databases or storage devices?

Answer 20

Encryption at rest

Question 21

What is Encryption in transit/motion in an enterprise environment?

Answer 21

Encryption in transit/motion in an enterprise environment refers to the encryption of data while it is being transmitted or communicated over networks or channels, protecting it from interception, eavesdropping, or tampering during transportation between endpoints.

Question 22

What term describes the encryption of data during transmission over networks or channels?

Answer 22

Encryption in transit/motion

Question 23

What is Encryption in processing in an enterprise environment?

Answer 23

Encryption in processing in an enterprise environment refers to the encryption of data while it is being processed or manipulated by applications, systems, or services, ensuring that sensitive information remains protected and secure throughout the processing lifecycle.

Question 24

What term describes the encryption of data while it is being processed or manipulated by applications or systems?

Answer 24

Encryption in processing

Question 25

What is Tokenization in an enterprise environment?

Answer 25

Tokenization in an enterprise environment refers to the process of substituting sensitive data with non-sensitive placeholders or tokens, preserving its format and length, but eliminating its intrinsic value, reducing the risk of exposure or compromise while maintaining usability.

Question 26

What term describes the process of substituting sensitive data with non-sensitive tokens to reduce exposure?

Answer 26

Tokenization

Question 27

What is Rights management in an enterprise environment?

Answer 27

Rights management in an enterprise environment refers to the implementation of policies, controls, and technologies to manage and enforce access permissions, privileges, and usage rights of digital assets, ensuring compliance, confidentiality, and integrity across the information lifecycle.

Question 28

What term describes the management and enforcement of access permissions and usage rights of digital assets?

Answer 28

Rights management

Question 29

What are Geographical considerations in an enterprise environment?

Answer 29

Geographical considerations in an enterprise environment refer to factors such as regulatory requirements, data sovereignty laws, and geopolitical risks that influence the location, storage, processing, or transmission of data and infrastructure to ensure legal compliance and risk mitigation.

Question 30

What term describes factors such as regulatory requirements and data sovereignty laws influencing data handling?

Answer 30

Geographical considerations

Question 31

What are Response and recovery controls in an enterprise environment?

Answer 31

Response and recovery controls in an enterprise environment refer to measures, procedures, and technologies implemented to detect, contain, mitigate, and recover from security incidents or disruptions, ensuring business continuity, resilience, and minimal impact on operations.

Question 32

What term describes measures and procedures to detect, contain, and recover from security incidents?

Answer 32

Response and recovery controls

Question 33

What is SSL/TLS inspection in an enterprise environment?

Answer 33

SSL/TLS inspection in an enterprise environment refers to the process of decrypting and inspecting encrypted traffic to identify and prevent malicious activities, such as malware, intrusions, or data exfiltration, while maintaining privacy, security, and compliance with security policies.

Question 34

What term describes the process of decrypting and inspecting encrypted traffic for security analysis?

Answer 34

SSL/TLS inspection

Question 35

What is Hashing in an enterprise environment?

Answer 35

Hashing in an enterprise environment refers to the process of converting data or plaintext into a fixed-size hash value using cryptographic algorithms, ensuring data integrity, uniqueness, and non-repudiation, commonly used for password storage, digital signatures, or data verification.

Question 36

What term describes the process of converting data into a fixed-size hash value to ensure integrity and uniqueness?

Answer 36

Hashing

Question 37

What are API considerations in an enterprise environment?

Answer 37

API considerations in an enterprise environment refer to the factors, practices, and security controls applied to application programming interfaces (APIs) to ensure authentication, authorization, data protection, and secure communication between software components or services.

Question 38

What term describes the factors and security controls applied to APIs to ensure authentication and data protection?

Answer 38

API considerations

Question 39

What is a Hot site in the context of site resiliency?

Answer 39

A Hot site in the context of site resiliency is a fully operational backup facility equipped with necessary hardware, software, and data, ready to take over operations in the event of a disaster, offering minimal downtime and seamless continuity of critical services.

Question 40

What term describes a fully operational backup facility ready to take over operations in case of a disaster?

Answer 40

Hot site

Question 41

What is a Cold site in the context of site resiliency?

Answer 41

A Cold site in the context of site resiliency is a backup facility that lacks infrastructure, hardware, software, or data replication, requiring extensive setup and configuration before becoming operational in the event of a disaster, resulting in longer downtime and slower recovery.

Question 42

What term describes a backup facility lacking infrastructure, hardware, or data replication, requiring setup during a disaster?

Answer 42

Cold site

Question 43

What is a Warm site in the context of site resiliency?

Answer 43

A Warm site in the context of site resiliency is a backup facility with some pre-deployed infrastructure, hardware, or software, but not fully operational, requiring configuration and data synchronization to become active in the event of a disaster, offering intermediate recovery time objectives.

Question 44

What term describes a backup facility with partially deployed infrastructure, hardware, or software, needing configuration during a disaster?

Answer 44

Warm site

Question 45

What are Deception and disruption techniques in security?

Answer 45

Deception and disruption techniques in security involve the deployment of deceptive measures, such as honeypots, honeyfiles, or DNS sinkholes, to lure, detect, and disrupt attackers, diverting their attention, delaying their activities, or gathering intelligence to enhance security defenses.

Question 46

What term describes the use of deceptive measures to lure, detect, and disrupt attackers in security?

Answer 46

Deception and disruption

Question 47

What are Honeypots in security?

Answer 47

Honeypots in security are decoy systems or resources designed to mimic legitimate assets, services, or vulnerabilities, attracting and diverting attackers away from real targets, allowing organizations to monitor, analyze, and gather threat intelligence without risking actual systems.

Question 48

What term describes decoy systems used to divert and gather intelligence on attackers without risking real systems?

Answer 48

Honeypots

Question 49

What are Honeyfiles in security?

Answer 49

Honeyfiles in security are decoy files or documents containing fabricated or enticing information designed to lure and deceive attackers who attempt to access or interact with them, enabling organizations to detect and respond to unauthorized access or data exfiltration attempts.

Question 50

What term describes decoy files containing fabricated information to lure and deceive attackers attempting unauthorized access?

Answer 50

Honeyfiles

Question 51

What are Honeynets in security?

Answer 51

Honeynets in security are networks of interconnected honeypots or decoy systems deployed within an organization’s infrastructure or perimeter, simulating a realistic environment to attract, analyze, and mitigate sophisticated attacks, providing insights into attacker behavior and tactics.

Question 52

What term describes networks of interconnected honeypots used to simulate realistic environments for analyzing and mitigating attacks?

Answer 52

Honeynets

Question 53

What is Fake telemetry in security?

Answer 53

Fake telemetry in security refers to the generation and dissemination of false or misleading data, events, or alerts within an organization’s network or systems, intended to deceive and confuse attackers, leading them to make mistakes or reveal their presence, facilitating detection and response efforts.

Question 54

What term describes the creation and dissemination of false data or events to deceive attackers and aid in detection?

Answer 54

Fake telemetry

Question 55

What is a DNS sinkhole in security?

Answer 55

A DNS sinkhole in security is a DNS server configured to redirect or block malicious domain name resolution requests, effectively preventing communication with known malicious or suspicious domains, disrupting malware infections, and mitigating threats at the network level.

Question 56

What term describes a DNS server redirecting or blocking malicious domain requests to disrupt malware infections?

Answer 56

DNS sinkhole