Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Security+ > 3.1 Compare and contrast security implications of different architecture models > Flashcards

3.1 Compare and contrast security implications of different architecture models Flashcards

1
Q

Virtualization and Containerization

A
  • Virtualization:
  • Containerization: Lightweight alternative, packaging apps with their OS. Docker, Kubernetes, RedHat OpenShift.
  • Hypervisors:
    • Type 1 (Bare Metal): Runs on hardware (e.g., Hyper-V, ESXi).
    • Type 2 (Hosted): Runs within an OS (e.g., VirtualBox, VMware).
  • Virtualization Vulnerabilities:
    • VM Escape: Attackers access the hypervisor from VMs.
    • Privilege Elevation: Gain unauthorized high-level access.
    • Live VM Migration: Capture unencrypted data between servers.
    • Resource Reuse: Exposed data due to uncleared resources.
  • Securing Virtual Machines:
    • Apply patches, use antivirus, secure hypervisors.
    • Use strong passwords and security policies.
    • Isolate infected VMs, limit connections to physical machines.
    • Distribute VMs across servers, prevent virtualization sprawl (разрастание).
    • Encrypt VM files for data safety.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Infrastructure as Code (IaC)

A
  • Benefits:
    • Speed and Efficiency
    • Consistency and Standardization
    • Scalability
    • Cost Savings
    • Auditability and Compliance
  • Challenges:
    • Learning Curve
    • Complexity: Mitigate with modularization and documentation.
    • Security Risks: Avoid sensitive data exposure and insecure setups in code.

Idempotence: Ensures identical results across environments.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

ICS and SCADA

A

Crucial components of the life-critical infrastructure.

  • ICS (Industrial Control Systems): Monitor and control industrial processes in sectors like water, oil, gas, and power. Components:
    • DCS (Distributed Control Systems): Manages operations within a single facility, like a factory or plant.
    • PLCs (Programmable Logic Controllers): Handles specific tasks such as automating assembly lines.
  • SCADA Systems (Supervisory Control and Data Acquisition): Monitor and control geographically dispersed processes (e.g., power grids, pipelines). Often used in utilities and critical infrastructure remotely.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Embedded Systems

A

An embedded system is any device that has a dedicated function and uses a computer system to perform that function. Essential for daily-use technologies. Engine control, airbrake system, lifesaving medical devices, insulin pumps

The major constraints associated with embedded systems include computing limitations, cryptographic limitations, power limitations, ease of deployment, cost and the inability to patch/patch availability.

  • Over-the-Air (OTA) Updates: Remotely deliver and install patches.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly

Security+ (29 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions