D P7-9 II Flashcards
Cryptographic Solutions
A. Key escrow
B. TPM presence
C. Digital signatures
D. Data tokenization
E. Public key management
F. Certificate authority linking
Key Escrow: A mechanism to securely store and recover encryption keys.
TPM Presence (Trusted Platform Module): A hardware-based security module for storing cryptographic keys.
Digital Signatures: Cryptographic proofs verifying the origin and integrity of data.
Data Tokenization: Replacing sensitive data with non-sensitive substitutes.
Public Key Management: Managing public and private keys for encryption and authentication.
Certificate Authority Linking: Establishing trust between entities using a shared certificate authority.
Network Security
A. ACL
B. DLP
C. IDS
D. IPS
ACL (Access Control List): Rules defining permissions for accessing resources.
DLP (Data Loss Prevention): Solutions that protect sensitive data from being shared or accessed without authorization.
IDS (Intrusion Detection System): Monitors network traffic to detect potential threats.
IPS (Intrusion Prevention System): Actively blocks identified threats in network traffic.
Specialized Systems
A. RTOS
B. Containers
C. Embedded systems
D. SCADA
RTOS (Real-Time Operating System): An OS designed for real-time applications requiring quick response times.
Containers: Lightweight environments for running applications with isolated dependencies.
Embedded Systems: Specialized systems designed for dedicated functions within devices.
SCADA (Supervisory Control and Data Acquisition): Systems managing industrial processes and infrastructure.
IT Standards and Practices
A. Off-the-shelf software
B. Orchestration
C. Baseline
D. Policy enforcement
Off-the-Shelf Software: Prebuilt software available for general use.
Orchestration: Coordinating automated tasks and workflows across systems.
Baseline: A minimum set of security standards to be met.
Policy Enforcement: Ensuring compliance with defined organizational policies.
Roles and Responsibilities
A. Processor
B. Custodian
C. Subject
D. Owner
Processor: An entity processing data on behalf of a controller.
Custodian: Responsible for managing and protecting data assets.
Subject: The individual or system that data pertains to.
Owner: The person or entity responsible for the data and its security.
Security Technologies
A. SPF
B. GPO
C. NAC
D. FIM
SPF (Sender Policy Framework): Email authentication to prevent spoofing.
GPO (Group Policy Object): A Windows feature for managing security and configurations across systems.
NAC (Network Access Control): Controlling access to a network based on compliance and policies.
FIM (File Integrity Monitoring): Detecting changes to files for security and compliance.
Incident Response Phases
A. Preparation
B. Recovery
C. Lessons learned
D. Analysis
Preparation: Developing and implementing plans to handle incidents effectively.
Recovery: Restoring systems and operations after an incident.
Lessons Learned: Reviewing the incident to identify improvements for future responses.
Analysis: Investigating the cause and impact of an incident to prevent recurrence.
Network Administration
A. Console access
B. Routing protocols
C. VLANs
D. Web-based administration
Console Access: Direct connection to a device for management and configuration.
Routing Protocols: Standards for exchanging routing information between devices.
VLANs (Virtual Local Area Networks): Segments within a network to isolate traffic and enhance security.
Web-Based Administration: Managing systems or devices through a web interface.
Metrics and Performance
A. MTTR
B. RTO
C. ARO
D. MTBF
MTTR (Mean Time to Recovery): The average time required to restore functionality after a failure.
RTO (Recovery Time Objective): The targeted duration to recover systems after an outage.
ARO (Annualized Rate of Occurrence): The expected frequency of a risk occurring within a year.
MTBF (Mean Time Between Failures): The average time between system failures.
Security Threats
A. End of life
B. Buffer overflow
C. VM escape
D. Jailbreaking
End of Life (EOL): The point at which a product is no longer supported, leaving it vulnerable to new threats.
Buffer Overflow: Exploiting a software flaw by overloading memory to execute malicious code.
VM Escape: A vulnerability where an attacker accesses the host system from a virtual machine.
Jailbreaking: Removing manufacturer-imposed restrictions on devices, potentially exposing them to risks.