Key pillars of security Flashcards
What is a firewall?
Firewalls block or allow network traffic based on the traffic’s properties. You can utilize hardware-based firewalls or software firewalls that run on a device (known as host firewalls).
What traffic characteristics can you configure a firewall to filter on?
Traffic source and/or destination address
Traffic source and/or destination port
Traffic protocol
Specific packet contents
What are the key pillars of a computer security system?
Identity and access management
Information protection
Threat protection
Security management
What is Identity and access management?
Identity is used to identify a user so that they can be authorized to access resources within your IT infrastructure. We identify users through the use of user accounts; these accounts are assigned an appropriate level of access or privilege on a particular system.
What is a local account?
A local user account resides on the local Windows 10 device only. It does not allow a user to access resources on other computers. All Windows 10 computers have local accounts, although typically they are not used interactively.
What are domain accounts?
Most organizations implement AD DS forests to consolidate their users’ computers into manageable units known as domains. An AD DS database stores domain user accounts, which the operating system can then use to authenticate users who are trying to access any domain-joined device anywhere in the forest.
What is an Azure AD account?
You can use Azure AD to store user accounts that your users can utilize to access hosted services based in the cloud, such as Microsoft Office 365. For those organizations that maintain an on-premises AD DS environment, Azure AD can integrate with on-premises AD DS deployments. This scenario allows users to access resources from on-premises devices, and from cloud-based services and resources. However, integration often requires synchronization between the two.
What are Microsoft accounts?
Your users can use a Microsoft account regardless of their location or the organization of which they are a member. A Microsoft account includes an email address and a password that your users use to sign in to different services. Users already have a Microsoft account if they sign in to services such as Microsoft OneDrive, Xbox Live, Outlook.com (formerly Hotmail), or Windows Phone. Your users also can use their Microsoft accounts to authenticate with Azure AD. This scenario is useful when you must support temporary or contract staff as the account is external to the Azure AD directory.
What are other accounts?
Most users also have access to social accounts, such as Facebook and Twitter. Many also use Apple and Google accounts to access platform-specific stores and other resources.
Because a user account (or accounts) is the primary means of determining who a user is, we must protect the process of verifying identity. Identity protection is the method that you use to do this.
What is data at rest?
Most users also have access to social accounts, such as Facebook and Twitter. Many also use Apple and Google accounts to access platform-specific stores and other resources.
Because a user account (or accounts) is the primary means of determining who a user is, it’s important that we protect the process of verifying identity. Identity protection is the method that you use to do this.
What is malware?
Malware, or malicious software, is software that attackers design to harm computer systems. Malware can do many things, from causing damage to the computer, to allowing unauthorized parties remote access to the computer, to collecting and transmitting sensitive information to unauthorized third parties.
What is data in transit?
Any time data moves between a user’s device and the server that hosts their data, it’s at risk. Authentication and encryption are the two technologies used to help ensure safe transit of data to and from users’ devices, or between devices on your network.
What are the common network threats?
Network security threats, denial of service, port scanning attacks, man-in-the-middle attacks.
What is an eavesdropping attack?
An eavesdropping attack (also known as network sniffing) occurs when a hacker captures network packets in transit on your network.
What is a denial of service?
A denial of service (DoS) attack limits the function of a network app, or renders an app or network resource unavailable.
What is a port scanning attack?
A port scanning attack can identify specific apps running on servers.
What is a man-in-the-middle attack?
In a man-in-the-middle (MITM) attack, a hacker uses a computer to impersonate a legitimate host on the network with which your computers are communicating.
What are the common data security threats?
Unauthorized users accessing information on a server.
Unauthorized users accessing data from a lost or stolen removable drive.
Data leakage arising from a lost or stolen laptop that contains company information.
Data leakage arising from user emails with sensitive content inadvertently being sent to unintended recipient(s).
How do Microsoft 365 services address security threats?
Multi-factor authentication (MFA), Mobile device management (MDM), Advanced threat protection, Data loss prevention (DLP), Encrypted email, Azure AD Identity Protection, and Privileged identity management.
What are cloud identities?
A cloud identity is a user account that exists only in Office 365 or, to be more precise, only in Azure AD. Azure AD provides an identity store, and authentication and authorization services for Office 365. You can create a cloud identity with the same name as an on-premises user account, but there is no link between them. You create cloud identities by using either Office 365 management tools, the Azure AD admin portal, or Windows PowerShell.
What are synchronized identities?
A synchronized identity is a user that exists in both on-premises AD DS and Azure AD. The AD DS and the Azure AD user accounts are linked together. Therefore, any changes that you make to the on-premises user accounts are synchronized to the Azure AD user account.
What are federated identities?
A federated identity is a synced account that is authenticated by using Active Directory Federation Services (AD FS). AD FS is deployed on-premises and communicates with AD DS on-premises. When Office 365 authenticates a federated identity, it directs the authentication request to AD FS. Because an on-premises user account is used for authentication, the same password is used for signing in to Office 365 and on-premises AD DS.
What is the main benefit of using federated identities?
The main benefit of using federated identities is single sign-on (SSO). Users authenticate at a domain-joined workstation by using their credentials. SSO uses these credentials to automatically authenticate to Office 365 services. When you use synchronized identities, the users typically need to enter their credentials manually when accessing Office 365 services.
What is an Azure AD Premium P1 plan?
For enterprise environments, Azure AD Premium P1 provides additional features that make it easier to manage users and applications.