4.1 Flashcards
BYOD
bring your own device
cost effective for employers
drawback is less security control
COPE
coporate owned personally enabled
high intial investment
employees may have privacy concerns
CYOD
employees select devices from a company approved list
Data remnants
residual data left behind after deletion or erasure processes. in the cloud it may not be completely removed
virtualization
emulates servers each with its own OS within a virtual machine
containerization
lightweight alternative encapsulting apps within their OS environment
Hype 1 hypervisor
bare metal
runs directly on hardware
Type 2 hypervisor
hosted
operates within a standard OS
VM Escape
attackers break out of isolated VMs to access hypervisor
Live VM migration
attacker captures unencryped data between servers
Resource reuse
improper clearing of resources may expose sensitive data to
FaaS
developers write and deploy individual functions triggered by events (serverles)
IoT
internet of things
network of physical devices with sensors software and connectivity
Hub/Control system
central component connecting IoT devices to
ICS
industrial control system
DCS
distributed control system
used in control production systems within a single location
PCL
programmabe logic controllers
used to control specific processes such as assembly lines and facotires
SCADA
supervisory control and data acquisition systems
type of ICS used for controlling geographically dispersed industrial processes
Risks and vu,nerabilities of ICS and SCADA
unauthroized access
malware attacks
lack of updates because of running outdated software
physical threats
Embedded systems
specialized computing components designed for dedicate functions within larger devices
they integrate hardware and mechanical elemants
RTOS
real time operatin system
critical for time sensitive apps like flight navigation and medical equipment
vulnerabilities in embedded systems
hardware failure (harsh environments)
software bugs
outdated systems
wrappers IPsec
protect data during transfer by hiding interception points
way to protect embedded systems
firmware code control
manage low level software to maintin system integrity
OTA
over the air updates for embedded systems installed remotely
bluetooth
wireless technology for short distance data exchange
bluetooth vulnerabilities
insecure pairing
spoofing
on path attacks