Domain 2: Architecture and Design Flashcards
What is a demilitarized zone (DMZ)?
A DMZ is a network segment between an internal network and an external network (usually the internet) that adds an additional layer of security by isolating publicly accessible services.
What is defense in depth?
Defense in depth is a security strategy that employs multiple layers of protection to guard against potential threats and vulnerabilities.
What is network segmentation?
Network segmentation is the practice of dividing a network into smaller segments to limit the spread of attacks and improve security management.
What is virtualization?
Virtualization is the creation of virtual instances of resources, such as servers, storage, or networks, to improve efficiency, scalability, and security.
What is cloud security?
Cloud security refers to the technologies, policies, controls, and services that protect data, applications, and infrastructure in cloud computing environments.