Module 11: Storage Infrastructure Security (Introduction to Information Security + Key Security Threats) Flashcards
What are the goals of information security?
confidentiality
integrity
availability
accountability
What is Governance, Risk and Compliance (GRC)?
umbrella term for the processes that help an organization ensure its actions are ethically correct and in accordance with internal policies and external regulations
What is governance?
determines the purpose and strategy by which companies are directed/managed
What is risk management?
systematic process of assessing assets and creating a risk profile for the information used across the business
What is compliance?
act of adhering to, and demonstrating adherence to, external laws and regulations
What are the key approaches for GRC teams to reach their CIAA goals?
authentication
authorization
auditing
What is authentication?
process to ensure that users or assets are who they claim to be
What is single factor authentication?
involves the use of only one factor such as a password
What is multi factor authentication?
uses more than one factor (e.g. a password plus a hardware token or one-time code) to authenticate a user
What is authorization?
process of determining whether, and in which manner, someone is allowed to access a particular service
What is auditing?
refers to the logging of all transactions for the purpose of assessing the effectiveness of security mechanisms
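The three approaches above (authentication, authorization, auditing) as one small reference monitor in code. This is an added example, not part of the original flashcards: the user table, roles, permission matrix and static salt are constructed for illustration, and the MFA factor is a standard RFC 6238 TOTP code computed with the standard library.

```python
"""Minimal AAA reference monitor for a storage service: authentication
(single- vs multi-factor), authorization, and auditing of every decision."""
import hashlib
import hmac
import struct
import time

# Constructed user store (hypothetical). Passwords are stored as PBKDF2 hashes;
# a TOTP secret is present only for users enrolled in multi-factor authentication.
_SALT = b"constructed-static-salt"  # assumption: a real system uses a random per-user salt


def _hash_pw(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


USERS = {
    "alice": {"pw": _hash_pw("correct horse", _SALT), "totp_secret": b"alice-secret-key",
              "roles": {"storage_admin"}},
    "bob": {"pw": _hash_pw("hunter2", _SALT), "totp_secret": None, "roles": {"app"}},
}

# Authorization matrix (hypothetical): role -> allowed (storage domain, action) pairs
PERMISSIONS = {
    "storage_admin": {("management", "configure"), ("backup", "restore"), ("application", "read")},
    "app": {("application", "read"), ("application", "write")},
}

AUDIT_LOG = []  # every authentication and authorization decision is recorded here


def totp(secret: bytes, t=None, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP: HMAC-SHA1 over the 30-second time counter, then dynamic truncation."""
    counter = int((time.time() if t is None else t) // step)
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = (struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF) % (10 ** digits)
    return f"{code:0{digits}d}"


def audit(event: str, user: str, **detail) -> None:
    AUDIT_LOG.append({"ts": time.time(), "event": event, "user": user, **detail})


def authenticate(user: str, password: str, otp=None, now=None) -> bool:
    """True if the claimed identity is proven. MFA-enrolled users must also present a valid TOTP."""
    rec = USERS.get(user)
    if rec is None or not hmac.compare_digest(rec["pw"], _hash_pw(password, _SALT)):
        audit("auth_fail", user, reason="bad_credentials")
        return False
    if rec["totp_secret"] is not None:  # second factor: something you have
        if otp is None or not hmac.compare_digest(otp, totp(rec["totp_secret"], now)):
            audit("auth_fail", user, reason="bad_otp")
            return False
    audit("auth_ok", user, factors=2 if rec["totp_secret"] else 1)
    return True


def authorize(user: str, domain: str, action: str) -> bool:
    """True if any of the user's roles grants (domain, action); the decision is logged either way."""
    roles = USERS.get(user, {}).get("roles", set())
    allowed = any((domain, action) in PERMISSIONS.get(r, set()) for r in roles)
    audit("authz", user, domain=domain, action=action, allowed=allowed)
    return allowed


def access(user: str, password: str, domain: str, action: str, otp=None, now=None) -> bool:
    """Full check in order: authenticate, then authorize. Every step leaves an audit record."""
    return authenticate(user, password, otp, now) and authorize(user, domain, action)


if __name__ == "__main__":
    ok = access("alice", "correct horse", "management", "configure",
                otp=totp(b"alice-secret-key"))
    print("alice configure:", ok)
    for entry in AUDIT_LOG:
        print(entry)
```

Note that the audit trail records failed authentications and denied authorizations as well as successes; that is what makes it usable for assessing whether the other two mechanisms are actually working.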
What are the 3 storage security domains?
application access
management access
backup/replication/archive
What is the application access domain?
may include only those apps that access the data through the file system or database interface
What is the management access domain?
includes management access to storage and interconnecting devices and to the data residing on the devices
What is the backup access domain?
primarily accessed by storage admins who configure and manage the environment
What is denial of service?
prevents legitimate users from accessing resources or services
What is a malicious insider?
an organization's current or former employee who has, or has had, authorized access to the organization's data center
What is a man in the middle attack?
another way to steal a user's credentials: the attacker positions themselves on the network channel between two sites and eavesdrops on (and can alter) the traffic passing between them
What is IPSec?
suite of algorithms/procedures for securing IP communications by authenticating/encrypting packets
What is account hijacking?
scenario where an attacker gains access to an administrator's account
What is phishing?
social engineering attack used to deceive users into revealing credentials or other sensitive information
What does the hacker use in a account hijacking attack?
keystroke logging malware
What is a fileless attack?
low observable characteristics (LOC) attacks that avoid detection by most security solutions
How do fileless attacks work?
do not rely on new files and install no new software on the target machine
run straight from memory and never touch the hard drive