4.1-4.4 Flashcards
3 steps of secure baselines
establish
deploy
maintain
mdm
mobile device management. used to mannage company owned mobile devices. set policies on apps,data, control the remote device
COPE
Corporate ownerd, personally enabled. company buys the device, used as both a corporate and personal. full control belongs to organization
CYOD
Choose your own device.
Like COPE but user chooses the device
wpa3 , psk authentication process
USES SAE to create pmk
creates a shared session key that doesn’t need to be sent across network. no fourway handshake no hash no brute force.
SAE
SAE-everyone uses the same psk with a different session key
AAA framework
authentication authorization accounting
radius
common aaa protocol, centralizes authentication. remote vpn access. server authentication.
input validation
check and correct all input
SAST
Static Application Security Testing. Help to identify security flaws in code. Not always accurate so needs verification
app monitoring
watch for blocked injection attempts, app usage, unusual file transfers, increase in client access
enumeration
list all parts of an asset (cpu,memory,storage drive, keyboard,mouse)
sanitization
system disposal or decommissioning, completely remove data. to destroy or to recycle
certification of destruction
certificate of destruction after device has been disposed of
data retention
backup your data