Domain 2.0: Architecture and Design Flashcards
Types of recovery sites
Hot site - operational ready-to go data center. Fastest recovery and highest cost
Cold backup site is the opposite. Longest recovery window with lower cost.
Warm site is a compromise of both.
Honeypot and Honeynet
Used to study actions of hackers and distract them from more valuable data
HSM
Hardware security module is a combination of hardware and software/firmware that is attached to or contained inside a computer to provide cryptographic functions for tamper protection and increased performance.
Type II hypervisor
Software that runs within an operation system environment. It’s also called hosted hypervisor.
DLP
Data Loss Prevention is a way of detecting and preventing confidential data from being exfiltrated physically or logically from an organization by accident or on purpose.
Public cloud
Shares shared resources over the Internet
Public Cloud models
SaaS, PaaS, IaaS
SaaS
Software as a Service involves the delivery of a licensed application to customers over the Internet for use as a service on demand
PaaS
Platform as a Service involves delivery of a computing platform often an operating system with associated services, over the Internet without downloads or installation.
IaaS
Infrastructure as a Service involves delivery of computer infrastructure in a hosted service model over the Internet.
Hypervisor
software or hardware layer program that permits the use of many instances of an operating system or instance of different operating systems on the same machine, independent of each other
Type I native
software that runs directly on a hardware platform. It’s also known as bare-metal hypervisor.
Scalability
Based on capability to handle the changing needs of a system within the confines of the current resources.
Elasticity
Capability to expand and reduce resources as needed at any given point in time
SDN
Software-defined networking is a method for organizations to manage network services through a decoupled underlying infrastructure, allowing quick adjustments to changing business requirements.
IAAS clouds
consists of workloads deployed across subn ets within one or more isolated availability zones that make up the VPC (virtual private cloud) deployed within a geographic region.
IaaS transit gateway
Allows for connection of on-premise networks to cloud-hosted networks
HIDS
Host Intrusion Detection System is implemented to monitor event and application logs, port access, and other running processes.
Authentication factors
Something you are
Something you have
Something you know,
Somewhere you are and
Something you do.
Biometrics
Iris scan, fingerprint are examples of physical access control
Identification
presenting credentials or key
Authentication
Verifying presented credentials
TOTP Algorithim
Relies on a shared secret and a moving factor or counter which is current time
HOTP algorithm
Relies on shared secret and a moving factor or counter.
Username and password
A most common form of authentication
Token-based authentication
Strong form requiring possession of the token item