Module 18 Understanding Defense Flashcards
Assets
Anything of value to an organization that must be protected, including servers, infrastructure devices, end devices and data.
Vulnerability
A weakness in a system or its design that could be exploited by a threat actor.
Threats
Any potential danger to an asset
What is asset management?
Inventorying all assets, and then developing and implementing policies and procedures to protect them.
What are assets?
Assets are the collection of all devices and information owned or managed by the organization.
What is asset management?
Inventory all assets you have, then develop and implement policies and procedures to protect them.
- Where are critical info assets stored?
What should you ask to identify vulnerabilities?
What are the possible vulnerabilities of a system, who may want to exploit those vulnerabilities to access specific information assets, and what are the consequences if system vulnerabilities are exploited?
The e-banking example: what are some vulnerabilities?
Data center destruction, data input errors, phony transactions using a customer PIN, stolen customer data (attacker steals personal and financial data of bank customers from the customer database), internal system compromise, phony transactions from an external server.
What is an in-depth security approach?
Routers, firewalls, IPS, AMP (Advanced malware protection),
What is an edge router?
The first line of defense; it allows or denies traffic it sees from the internet.
What would be a second line of defense?
Firewall
What is a security onion?
Defense-in-depth approach. Firewall, IPS, content filtering, AAA, hardened devices.
What is the analogy of the security artichoke?
It benefits the threat actor: threat actors no longer need to peel away each layer; if they remove certain leaves, sensitive data will be revealed.
What are business policies?
Guidelines that are developed by an org to govern its actions
What are some guiding policies for a company?
Company policies, employee policies and security policies.
What are employee policies?
HR - salary, pay schedule, employee benefits, work schedule, vacations and more
What are security policies?
Security policies identify a set of security objectives for a company, define the rules of behavior for users and administrators, and specify system requirements.
What is a company policy?
Rules of conduct for both employer and employees.
What is the point of a security policy?
Inform users, staff and managers of an organization's requirements for protecting technology and information assets.
- defines legal consequences of violations
- sets rules for expected behavior
- ensures consistency in system operations, software and hardware acquisition and use
What are some types of policies within the security realm?
AUP, remote access policy, incident handling procedures, password policies, identification and authentication policy.
What is a BYOD policy?
Employees bring their own mobile devices to access company systems, networks, etc. A BYOD security policy specifies which devices can be supported, the level of access employees have, and the safeguards (if a device is compromised), that is, how much security the device should have.
What are some BYOD best practices?
Back up data, provide antivirus software, manually control wireless connectivity, password protect access