Objective 4 - Technical Integration of Enterprise Security

Question 1

What is zoning on fibre channel switches?

Answer 1

Grouping resources and hosts together into a zone. Only hosts in a zone access those resources.

Question 2

What is LUN masking?

Answer 2

Secures a SAN by allowing only specific hosts to access a LUN

Question 3

What is FCoE?

Answer 3

Fiber Channel over Ethernet - Can operate at 10GBps over ethernet, operates more efficiently with converged network adapters (CNAs) and allows storage data traffic and network traffic to operate over a single network

Question 4

What are De facto standards?

Answer 4

Those widely accepted but are not fomarlly adopated

Question 5

What are De jure standards?

Answer 5

Those that are based on laws or regulations and are adopted by international standards organizations. Should take precedence over de facto

Question 6

What is an ERP?

Answer 6

Enterprise Resource Planning Solution - collects, stores, manages and interprets business process data

Question 7

What is a vSAN?

Answer 7

Virtual Storage Area Network - Isolates two devices on the same SAN fabric

Question 8

What is an HBA?

Answer 8

Host Bus Adapter

Question 9

Define SSO and its use

Answer 9

Single sign-on allows a user to authenticate once and then access all of the resources that a user is authorized to use

Question 10

Define SPML and its use

Answer 10

Service Provider Markup Language - XML framework used to exchange user, resource and service-provisioning information

Question 11

Define SOAP and its use

Answer 11

Simple Object Access Protocol - Used to exchange structured data between web services

Question 12

Define XACML and its use

Answer 12

Extensible Access Control Markup Language - XML based, used with SAML to implement security policies

Question 13

Define SAML and its use

Answer 13

Security Assertions Markup Language - An XML-based data format used to
exchange authentication information between a client and a service.

Question 14

What is Steganography and what are two examples?

Answer 14

Method of hiding messages inside other objects or common files. Concealment cipher (includes plaintext within the ciphertext) and watermarking (message embedded within a document or picture) are examples.

Question 15

What elements of protection does a Digital Signature provide?

Answer 15

Digital Signature is a hash value that is encrypted with the sender’s private key. Non-repudiation, authentication, integrity

Question 16

What is “Due Care”

Answer 16

Good actions/acting aligned with the structure from due diligence so we are doing the right things, not wrong things.

Loosely, if you are at a pool and there are rules on the wall, like no running, the actions abiding by those rules is Due Care.

Question 17

What is “Due Diligence”

Answer 17

Good governance/good oversight. Loosely, overseeing action, directing it with governance, policy and providing strategy so people understand objectives

Question 18

Define “Identity Federation”

Answer 18

Practice of linking a single identity across multiple identity management systems

Question 19

What is attestation?

Answer 19

Technique of verifying that only the individuals who need access privileges have those privileges

Question 20

List the common Identity Federation options

Answer 20

OpenID (OAuth), WAYF, Shibboleth, SAML

Question 21

Is a stream-based or block-based cipher best for encrypted video?

Answer 21

Stream-based ciphers

Question 22

Which identity federated system is the basis for WAYF?

Answer 22

Shibboleth