CompTIA CySA+ - Lession 3 - Terms Flashcards

1
Q

de-perimeterisation

A

In information security, de-perimeterisation is the removal of a boundary between an organisation and the outside world.

De-perimeterisation is protecting an organization’s systems and data on multiple levels by using a mixture of encryption, secure computer protocols, secure computer systems and data-level authentication, rather than the reliance of an organization on its network boundary to the Internet

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Trends Driving Deperimeterization

A
  • Cloud—Enterprise infrastructures are typically spread between on-premise
    and cloud platforms. In addition, cloud platforms may be used to distribute
    computing resources globally.
  • Remote Work—More and more organizations have adopted either part-time
    or full-time remote workforces. This remote workforce expands the enterprise
    footprint dramatically. In addition, employees working from home are more
    susceptible to security lapses when they connect from insecure locations and
    use personal devices.
  • Mobile—Modern smartphones and tablets are often used as primary computing
    devices as they have ample processer, memory, and storage capacity. More
    and more corporate data is accessed through these devices as their capabilities
    expand. Mobile devices and their associated operating systems have varying
    security features, and many devices are not supported by vendors shortly after
    release, meaning they cannot be updated or patched. In addition, mobile devices
    are often lost or stolen.
  • Outsourcing and Contracting—Support arrangements often provide remote
    access to external entities, and this access can often mean that the external
    provider’s network serves as an entry point to the organizations they support.
  • Wireless Networks (Wi-Fi)—Wireless networks are susceptible to an everincreasing
    array of exploits, but oftentimes wireless networks
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

The key benefits of a Zero Trust architecture

A
  • Greater security—All users, devices, and applications authenticated and verified
    before network access.
  • Better access controls—More stringent limits regarding who or what can
    access resources and from what locations resources can be accessed.
  • Improved governance and compliance—Limits on data access and greater
    operational visibility on user and device activity.
  • Increased granularity—Users granted access to what they need when they
    need it.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Zero Trust architecture Essential components and technologies

A
  • Network and endpoint security—Controls access to applications, data, and
    networks.
  • Identity and access management (IAM)—Ensures only verified users can
    access systems and data.
  • Policy-based enforcement—Restricts network traffic to only legitimate requests.
  • Cloud security—Manages access to cloud-based applications, services, and data.
  • Network visibility—Analyzes network traffic and devices for suspicious activity.
  • Network segmentation—Controls access to sensitive data and capabilities from trusted locations.
  • Data protection—Controls and secures access to sensitive data, including encryption and auditing.
  • Threat detection and prevention—Identifies and prevents attacks against the network and the systems connected to it.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Secure Access Service Edge (SASE)

A

SASE aims to simplify the complexity of managing multiple network and security services by combining networking and security functions into a single cloud-hosted service and delivering it directly to the source of connection rather than the enterprise data center.

Security is based around identity, real-time context and enterprise security and compliance policies

SASE eliminates the need for dedicated hardware, which allows security teams to quickly adapt to changes while maintaining secure access to any user from any device.

SASE also offers advanced features such as identity and access management, secure web gateways, and supports Zero Trust network access, all designed to protect an organization’s data and applications while providing
uninterrupted access to users.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Public key infrastructure (PKI)

A

a comprehensive framework or system of cryptographic protocols, standards, and technologies used to establish and manage secure digital communication and authentication.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Secure Sockets Layer (SSL)

A

cryptographic protocol designed to provide secure communication over a computer network, most commonly between a web browser and a web server.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly