Module 11: Storage Infrastructure Security (Security Controls) Flashcards
What is a firewall?
security control designed to examine data packets traversing a network and compare them to filtering rules
What is a filtering rule?
may use various filtering parameters such as source address and protocols
can be set for both incoming and outgoing traffic
What determines the effectiveness of a firewall?
how robustly and extensively the security rules are defined
What happens if an unauthorized packet is picked up by the firewall?
dropped and not allowed to continue to the requested destination
What is a demilitarized zone?
a control to secure internal assets while allowing Internet based access to selected resources
How are servers setup in a demilitarized zone?
servers that need Internet access are placed between two firewalls
servers in demilitarized zone may or may not be allowed to communicate with internal resources
What traffic is allowed to go through the demilitarized zone?
application specific ports are allowed through firewall to the demilitarized zone
What isn’t allowed to go through the demilitarized zone?
no internet based traffic is allowed to go through the second firewall and gain access to the internal network
What is IDPS?
intrusion detection - process of detecting events that can compromise the confidentiality of IT resources
What is an IDS?
Intrusion Detection System - security tool that automates the detection process
What is an IPS?
Intrusion Prevention System - tool that has the capability to stop the events after they have been detected by the IDS
What are the key techniques used by an IDPS?
signature based detection
anomaly based detection
What is signature based detection?
IDPS relies on a database that contains known attack patterns or signatures and scans events against it
What is anomaly based detection?
IDPS scans and analyzes events to determine whether they are statistically different from events normally occurring in the system
What is a VPN?
virtual private network - provides a secure connection to the IT resources - secures site to site connection