Ch5 Terms Flashcards
Encryption
Using mathematical algorithms to convert readable data into an unreadable form.
Plaintext
Readable data, pre-encryption
Ciphertext
Unreadable data, post-encryption
Stateful Packet Inspection
Firewalls ensure authorized data packets are received when requested.
Security is a shared responsibility between the ___ and ___.
CSP and Cloud Consumer.
CIA Triad
Confidentiality, Availability, Integrity
Symmetric Encryption
A Sender and Receiver use a single key to Encrypt and Decrypt data.
Asymmetric Encryption
Uses a pair of keys, Public and Private. The Private Key is kept secret.
• Public Key to Encrypt
• Private Key to Decrypt
Digital Signature
Validates the Authenticity and Integrity of a Digital Interaction.
PKI
Public Key Infrastructure
CA
Certificate Authority
VPN Tunnel
Securely extends an organization’s on-premises environment.
(Public Cloud to Hybrid Cloud)
Tokenization
Random tokens are assigned to sensitive data to prevent its exposure. An Encrypted Token Vault Database stores the mapping between tokens and their original data.
VFA
Virtual Firewall Appliance
Virtual Firewall Appliance
Performs Port / Service Filtering and Stateful Packet Inspection at the perimeter of the VPC.
NACL
Network Access Control List
Network ACL
Specifies Subnet Traffic Rules
Security Groups
Control traffic between Individual Virtual Machines.
Web Tier
Front End
Database Tier
Back end
IAM
Identity and Access Management
Identity and Access Management
Authentication, Authorization, Accounting
SSO
Single Sign On
Federated Identity
Cloud Customers use their on-premises credentials to access Cloud Services.