Module 11: Storage Infrastructure Security (Security Controls)

Question 1

What is a firewall?

Answer 1

security control designed to examine data packets traversing a network and compare them to filtering rules

Question 2

What is a filtering rule?

Answer 2

may use various filtering parameters such as source address and protocols

can be set for both incoming and outgoing traffic

Question 3

What determines the effectiveness of a firewall?

Answer 3

how robustly and extensively the security rules are defined

Question 4

What happens if an unauthorized packet is picked up by the firewall?

Answer 4

dropped and not allowed to continue to the requested destination

Question 5

What is a demilitarized zone?

Answer 5

a control to secure internal assets while allowing Internet based access to selected resources

Question 6

How are servers setup in a demilitarized zone?

Answer 6

servers that need Internet access are placed between two firewalls

servers in demilitarized zone may or may not be allowed to communicate with internal resources

Question 7

What traffic is allowed to go through the demilitarized zone?

Answer 7

application specific ports are allowed through firewall to the demilitarized zone

Question 8

What isn’t allowed to go through the demilitarized zone?

Answer 8

no internet based traffic is allowed to go through the second firewall and gain access to the internal network

Question 9

What is IDPS?

Answer 9

intrusion detection - process of detecting events that can compromise the confidentiality of IT resources

Question 10

What is an IDS?

Answer 10

Intrusion Detection System - security tool that automates the detection process

Question 11

What is an IPS?

Answer 11

Intrusion Prevention System - tool that has the capability to stop the events after they have been detected by the IDS

Question 12

What are the key techniques used by an IDPS?

Answer 12

signature based detection
anomaly based detection

Question 13

What is signature based detection?

Answer 13

IDPS relies on a database that contains known attack patterns or signatures and scans events against it

Question 14

What is anomaly based detection?

Answer 14

IDPS scans and analyzes events to determine whether they are statistically different from events normally occurring in the system

Question 15

What is a VPN?

Answer 15

virtual private network - provides a secure connection to the IT resources - secures site to site connection

Question 16

What is a remote access VPN?

Answer 16

a remote client initiates a remote VPN connection request - VPN server authenticates and provides the user access to the network

Question 17

What is a site to site VPN?

Answer 17

remote site initiates a site to site VPN connection - VPN server authenticates and provides access to internal network

Question 18

What is Identity and Access Management (IAM)?

Answer 18

process of managing users identifiers and their authentication/authorization to different IT resources

Question 19

What is multifactor authentication (MFA)?

Answer 19

uses more than one factor to authenticate a user

Question 20

What is OAuth?

Answer 20

enables a client to access protected resources from a resource server on behalf of a resource owner

EX: giving Linkedin access to FB

Question 21

What are the 4 parts involved in authorization control?

Answer 21

resource owner
resource server
client
authorization server

Question 22

What is OpenID?

Answer 22

standard for authentication in which an organization uses authentication services from an OpenID third party provider

Question 23

What is an OpenID provider?

Answer 23

maintains user credentials on their authentication system and enables relying parties to authenticate user requests

Question 24

What is role based access control (RBAC)?

Answer 24

an approach to restrict access to the authorized users based on their respective roles

minimum privileges assigned to each role

Question 25

What does separation of duties mean in RBAC?

Answer 25

ensures that no individual can both specify an action and carry it out

Question 26

What is mobile device management (MDM)?

Answer 26

control that resrtricts access to an organizations resources only to authorized mobile devices

Question 27

What is data encryption?

Answer 27

cryptographic technique in which data is encoded and made indecipherable

Question 28

What is data in flight?

Answer 28

refers to data that is being transferred over a network

Question 29

What is data at rest?

Answer 29

refers to data this stored on a storage medium

Question 30

What is the main rule when it comes to data encryption?

Answer 30

data should be encrypted as close to its origin as possible

Question 31

What are Transport Layer Security (TLS) and Secure Socket Layer (SSL)

Answer 31

application layer protocols that provide encrypted connection for client server communication

Question 32

What is data shredding?

Answer 32

process of deleting data or residual representations of data which makes it unrecoverable

Question 33

What are the 3 main data shredding techniques?

Answer 33

phyiscally destroying
degaussing
overwriting

Question 34

What is degaussing?

Answer 34

process of decreasing or eliminating the magnetic field of media

Question 35

What is overwriting?

Answer 35

overwriting the disks several times with invalid data

Question 36

What is penetration testing?

Answer 36

evaluates systems and apps to find vulnerabilities and threats an attacker can exploit