2.3 Mitigation Techniques Flashcards

1
Q

Segmentation and Isolation

A

Divide and Conquer: Segmenting networks into smaller, isolated zones to limit the impact of potential breaches.
Zoning: A logical design approach to control access between different network segments.
Zone Interface Points (ZIPs): Devices that connect different zones, such as firewalls or routers.

2
Q

Access Control

A

Access Control Lists (ACLs): Rules that define who can access network resources.
Network Access Control Lists (NACLs): ACLs applied to cloud networks.
Permissions: Rights granted to users to access specific resources.
Least Privilege Principle: Granting users only the minimum necessary privileges.
Separation of Duties: Dividing tasks among multiple individuals to reduce risk.

3
Q

Configuration and Patch Management

A

Configuration Management: The process of ensuring systems are configured correctly and consistently.
Patch Management: The process of applying software updates to address vulnerabilities.

4
Q

Encryption

A

Data Encryption: Protecting sensitive data by encrypting it.
Key Management: Securely managing encryption keys.

5
Q

Monitoring and Visibility

A

Log Monitoring: Analyzing system logs to identify security incidents.
Security Information and Event Management (SIEM): Centralized log management and analysis.
Network Traffic Analysis: Monitoring network traffic for suspicious activity.

6
Q

Decommissioning and Offboarding

A

Secure Data Destruction: Properly disposing of sensitive data.
Revoking Access: Removing user access to systems and data.
Hardware Disposal: Securely disposing of hardware devices.
