Module 11: Storage Infrastructure Security (Security Controls) Flashcards

1
Q

What is a firewall?

A

security control designed to examine data packets traversing a network and compare them to filtering rules

2
Q

What is a filtering rule?

A

may use various filtering parameters such as source address and protocols

can be set for both incoming and outgoing traffic

3
Q

What determines the effectiveness of a firewall?

A

how robustly and extensively the security rules are defined

4
Q

What happens if an unauthorized packet is picked up by the firewall?

A

dropped and not allowed to continue to the requested destination

5
Q

What is a demilitarized zone?

A

a control to secure internal assets while allowing Internet based access to selected resources

6
Q

How are servers set up in a demilitarized zone?

A

servers that need Internet access are placed between two firewalls

servers in demilitarized zone may or may not be allowed to communicate with internal resources

7
Q

What traffic is allowed to go through the demilitarized zone?

A

application specific ports are allowed through firewall to the demilitarized zone

8
Q

What isn’t allowed to go through the demilitarized zone?

A

no internet based traffic is allowed to go through the second firewall and gain access to the internal network

9
Q

What is IDPS?

A

intrusion detection - process of detecting events that can compromise the confidentiality of IT resources

10
Q

What is an IDS?

A

Intrusion Detection System - security tool that automates the detection process

11
Q

What is an IPS?

A

Intrusion Prevention System - tool that has the capability to stop the events after they have been detected by the IDS

12
Q

What are the key techniques used by an IDPS?

A

signature based detection
anomaly based detection

13
Q

What is signature based detection?

A

IDPS relies on a database that contains known attack patterns or signatures and scans events against it

14
Q

What is anomaly based detection?

A

IDPS scans and analyzes events to determine whether they are statistically different from events normally occurring in the system

15
Q

What is a VPN?

A

virtual private network - provides a secure connection to the IT resources - secures site to site connection

16
Q

What is a remote access VPN?

A

a remote client initiates a remote VPN connection request - VPN server authenticates and provides the user access to the network

17
Q

What is a site to site VPN?

A

remote site initiates a site to site VPN connection - VPN server authenticates and provides access to internal network

18
Q

What is Identity and Access Management (IAM)?

A

process of managing users' identifiers and their authentication/authorization to different IT resources

19
Q

What is multifactor authentication (MFA)?

A

uses more than one factor to authenticate a user

20
Q

What is OAuth?

A

enables a client to access protected resources from a resource server on behalf of a resource owner

EX: giving LinkedIn access to FB

21
Q

What are the 4 parts involved in authorization control?

A

resource owner
resource server
client
authorization server

22
Q

What is OpenID?

A

standard for authentication in which an organization uses authentication services from an OpenID third party provider

23
Q

What is an OpenID provider?

A

maintains user credentials on their authentication system and enables relying parties to authenticate user requests

24
Q

What is role based access control (RBAC)?

A

an approach to restrict access to the authorized users based on their respective roles

minimum privileges assigned to each role

25
Q

What does separation of duties mean in RBAC?

A

ensures that no individual can both specify an action and carry it out

26
Q

What is mobile device management (MDM)?

A

control that restricts access to an organization's resources only to authorized mobile devices

27
Q

What is data encryption?

A

cryptographic technique in which data is encoded and made indecipherable

28
Q

What is data in flight?

A

refers to data that is being transferred over a network

29
Q

What is data at rest?

A

refers to data that is stored on a storage medium

30
Q

What is the main rule when it comes to data encryption?

A

data should be encrypted as close to its origin as possible

31
Q

What are Transport Layer Security (TLS) and Secure Socket Layer (SSL)?

A

application layer protocols that provide encrypted connection for client server communication

32
Q

What is data shredding?

A

process of deleting data or residual representations of data which makes it unrecoverable

33
Q

What are the 3 main data shredding techniques?

A

physically destroying
degaussing
overwriting

34
Q

What is degaussing?

A

process of decreasing or eliminating the magnetic field of media

35
Q

What is overwriting?

A

overwriting the disks several times with invalid data

36
Q

What is penetration testing?

A

evaluates systems and apps to find vulnerabilities and threats an attacker can exploit