Part II: Architecture and Design Flashcards
Domain 2.0 Architecture and Design
Essential Terms and Components:
2.1 Explain the importance of security concepts in an enterprise environment.
- configuration management
- data sovereignty
- data protection
- data loss prevention (DLP)
- data masking
- data encryption
- data at rest
- data in motion
- data in processing
- tokenization
- hashing
- rights management
- hardware security module (HSM)
- cloud access security broker (CASB)
- Secure Sockets Layer (SSL)
- Transport Layer Security (TLS)
- hot site
- cold site
- warm site
- deception
- disruption
- honeypot
- honeyfile
- honeynet
- DNS sinkhole
CompTIA Objectives PDF
CompTIA Security+ Exam Cram - SY0-601 (All 5 Domains)
Sec+ Exam Cram Youtube PDF
Professor Messer Sec+ Vids
(pg. 123-124)
Chapter 9: Enterprise Security Concepts
Domain 2.0 Architecture and Design
1. The process of identifying, controlling, and auditing the deployment and changes made to an established baseline.
2. Ensures that systems are configured similarly and that configurations are known and documented.
Baseline Configuration, Diagrams, Standard Naming Conventions, IP Schema
2.1 Explain the importance of security concepts in an enterprise environment.
Configuration Management
(pg. 124)
Chapter 9: Enterprise Security Concepts
Domain 2.0 Architecture and Design
1. Based on a component or a system and includes the configurations and settings that are set as the foundation for all similar systems.
2. A set of specifications for a system, or Configuration Item (CI) within a system, that has been formally reviewed and agreed on at a given point in time, and which can be changed only through change control procedures. Is used as a basis for future builds, releases, and/or changes.
Image-based deployment, infrastructure-as-code (IaC)
2.1 Explain the importance of security concepts in an enterprise environment.
Baseline Configuration
LINK: CSRC.NIST.GOV
{Baseline: A measure of normal activity that is used to determine abnormal system and network behaviors.}
Chapter 9: Enterprise Security Concepts
Domain 2.0 Architecture and Design
Are particularly important for networks and interconnected complex systems. Examples include network maps, cabling and wiring diagrams, and application configuration and connections.
2.1 Explain the importance of security concepts in an enterprise environment.
Diagrams
(pg.125)
Chapter 9: Enterprise Security Concepts
Domain 2.0 Architecture and Design
1. Standard for naming computers, tagging assets, labeling network ports, configuring user account names and standard email addresses.
2. Make identifying device type (router, server, printer) easier
Naming prefixes (e.g. rtr, svr, prt) can help
2.1 Explain the importance of security concepts in an enterprise environment.
Standard Naming Conventions
LINK: quizlet
(pg. 125) & (see link above)
Chapter 9: Enterprise Security Concepts
Domain 2.0 Architecture and Design
1. An IP address plan or model that allows for consistent addressing of network devices; helps avoid duplicate IP addresses; takes into account locations, IP ranges at different sites, reserved addresses
2. Use network segmentation to reduce broadcast traffic and enable filtering/restricting traffic to subnets containing sensitive resources. Matching resources to specific segments maximizes data and resource security.
IP subnetting, port filtering
2.1 Explain the importance of security concepts in an enterprise environment.
Internet Protocol (IP) Schema
LINK: quizlet
Sec+ YouTube PDF
(pg. 125) & (see link above)
Chapter 9: Enterprise Security Concepts
Domain 2.0 Architecture and Design
1. Data that is subject to the laws of the geography where the data resides.
2. Digital data is subject to the laws and regulations of the country in which it was created.
3. It cannot be moved to another region—even for a backup-related reason.
4. Data is subject to the laws of where it is stored, which can bring significant legal implications.
5. A company’s Legal department should be consulted to offer guidance on legal impact of geography.
2.1 Explain the importance of security concepts in an enterprise environment.
Domain 2.0 Architecture and Design
1. Preventing theft or disclosure of data – both intentional and unintentional.
2. The process of safeguarding important data from corruption, compromise or loss and providing the capability to restore the data to a functional state should something happen to render the data inaccessible or unusable.
2.1 Explain the importance of security concepts in an enterprise environment.
Domain 2.0 Architecture and Design
1. Security services that identify, monitor, and protect data during use, storage, or transfer between devices.
2. Software that relies on deep inspection of data and transactional details for unauthorized access operations.
policies applied to email, cloud storage, and even databases
2.1 Explain the importance of security concepts in an enterprise environment.
Data Loss Prevention (DLP)
(pg.127-128; pg.630)
Chapter 9: Enterprise Security Concepts
Domain 2.0 Architecture and Design
1. Desensitizing or removing sensitive or personal data but enabling the data to remain usable.
2. Partial data is left in a data field.
partial credit card information on a receipt
2.1 Explain the importance of security concepts in an enterprise environment.
Masking or Data Masking
(pg.131)
Chapter 9: Enterprise Security Concepts