Objective 4 - Technical Integration of Enterprise Security Flashcards
What is zoning on fibre channel switches?
Grouping resources and hosts together into a zone. Only hosts in a zone access those resources.
What is LUN masking?
Secures a SAN by allowing only specific hosts to access a LUN
What is FCoE?
Fiber Channel over Ethernet - Can operate at 10GBps over Ethernet, operates more efficiently with converged network adapters (CNAs), and allows storage data traffic and network traffic to operate over a single network
What are De facto standards?
Those that are widely accepted but are not formally adopted
What are De jure standards?
Those that are based on laws or regulations and are adopted by international standards organizations. Should take precedence over de facto
What is an ERP?
Enterprise Resource Planning Solution - collects, stores, manages and interprets business process data
What is a vSAN?
Virtual Storage Area Network - Isolates two devices on the same SAN fabric
What is an HBA?
Host Bus Adapter
Define SSO and its use
Single sign-on allows a user to authenticate once and then access all of the resources that a user is authorized to use
Define SPML and its use
Service Provider Markup Language - XML framework used to exchange user, resource and service-provisioning information
Define SOAP and its use
Simple Object Access Protocol - Used to exchange structured data between web services
Define XACML and its use
Extensible Access Control Markup Language - XML based, used with SAML to implement security policies
Define SAML and its use
Security Assertions Markup Language - An XML-based data format used to exchange authentication information between a client and a service.
What is Steganography and what are two examples?
Method of hiding messages inside other objects or common files. Concealment cipher (includes plaintext within the ciphertext) and watermarking (message embedded within a document or picture) are examples.
What elements of protection does a Digital Signature provide?
A digital signature is a hash value that is encrypted with the sender’s private key. It provides non-repudiation, authentication, and integrity.
What is “Due Care”?
Good actions/acting aligned with the structure from due diligence so we are doing the right things, not wrong things.
Loosely, if you are at a pool and there are rules on the wall, like no running, acting in accordance with those rules is Due Care.
What is “Due Diligence”?
Good governance/good oversight. Loosely, overseeing action, directing it with governance and policy, and providing strategy so people understand objectives
Define “Identity Federation”
Practice of linking a single identity across multiple identity management systems
What is attestation?
Technique of verifying that only the individuals who need access privileges have those privileges
List the common Identity Federation options
OpenID (OAuth), WAYF, Shibboleth, SAML
Is a stream-based or block-based cipher best for encrypted video?
Stream-based ciphers
Which identity federated system is the basis for WAYF?
Shibboleth