Enterprise security Flashcards
What is an IP schema?
An IP address plan or way of standardizing IP addresses, such as the number of subnets or the number of hosts per subnet, or different IP ranges for different networks or different locations.
What is a baseline configuration?
A baseline for the way application security is handled, such as the firewall settings, patch levels, or OS version in use.
Which security principle would come into play when deciding whether or not you should move data that is stored about customers in another country into your local datacenters in the US?
Data sovereignty
Which region of the world is affected by GDPR?
The EU.
European Union.
If you receive a receipt after a purchase that shows the card used to make the purchase as “*********0329”, which data privacy principle was used?
Data masking.
Data masking on your receipt does not necessarily mean that the rest of the card number was not stored elsewhere though.
What is data at rest?
Data which resides on a storage drive for long-term storage, rather than just existing in memory.
What is data in transit?
Data which is currently in motion across the network.
What is data in use?
Data which is actively being processed in memory.
Is data in use inside of memory typically encrypted?
No, it would be very hard to use if it were.
Which type of encryption does tokenization typically use?
None. Tokenization is not encrypting or hashing.
What is tokenization?
Replacing sensitive data with a non-sensitive placeholder, a one-time token.
How would tokenization work while making a purchase with your phone or watch at a store?
- You register a credit/debit card on your phone using Apple Pay, etc.
- The card is registered with the token service center for this company.
- The token service company stores a token on your device.
- You use your phone at checkout somewhere using NFC.
- The token is transmitted over to the payment processing server.
- The payment processing server sends the token over to the token service company for validation.
- The token service company validates that this token is valid and the account is authorized for this purchase and replies back to the payment processing server saying that it is valid and the purchase is complete.
What is IRM?
Information rights management (IRM).
Think of when you open an MS Word document and it says that you can only read the Word doc and not edit it.
This can be used in emails and other things as well.
The point is to restrict the ways a document can be interacted with, such as edits, screenshots, etc.
The goal is to limit an attacker's abilities with a document to those of the current user they are logged in as.
What is an endpoint DLP?
A data loss prevention (DLP) solution that resides on an endpoint device.
What would be the name for a DLP solution that exists between users and the external internet, using no hardware or software?
Cloud-based DLP.
This can be used for blocking custom defined data strings from entering or leaving a server or to manage access to certain URLs.