3.1-3.2 Flashcards
risk transference
transfer risk to third party. cyber security insurance
compute
needed to run applications
using multiple cpus across multiple clouds for more computing poweradds complexit and its more scalable
attack surface
all the ways to break into your network
connectivity
always try to connect securely with vpn or ip sec
protect the physical cabling connections, also app level encryption and network lvl encryption
failure mode
fail open
system fails but data continues to flow
failure mode
fail closed
system fails but data does not flow
active monitoring
ips
passive monitoring
ids
jump server
access secure network zones, is hardened and monitored.
ssh/vpn/tunnel to the jump server and jump to another server from there
forward proxy
proxy is inside your internal network
reverse proxy
traffic from internet hits your internal proxy
open proxy
third party, uncontrolled can be used by anyone
active/passive load balancer
some servers work some on standby
sensors
ips, fw logs, authentication logs, web server access logs, database transaction logs, email logs
collectors
siem consoles, ips and fw too.
compare sensor data
software defined wan
cloud based apps from remote sites can talk directly to the cloud,don’t have to go through the central data center. so data center is more redundant.
SASE
Secure Access Service Edge.
CLOUD BASED
“next gen vpn”
updated secure access. all delivered by a single cloud service at the network edge.
