Random (too lazy to put in categories) Flashcards
What is MFD?
Multifunction Device
(like all-in-one printers)
ISO 27001
The ISO 27001 standard is the foundational standard for Information Security Management Systems (ISMS)
ISO 27701
The ISO 27701 standard extends the ISO 27001 and 27002 standards to include detailed management of PII and data privacy
ISO 31000
The ISO 31000 standard sets international standards for risk management practices
ISO 27002
ISO 27002 focuses on information security controls
A user connects to a third-party website and receives this message:
Your connection is not private.
NET::ERR_CERT_INVALID
What attack would be the MOST likely reason for this message?
On-path
The entity in the middle would not be able to provide a valid SSL certificate for a third-party website, and this error would appear in the browser as a warning.
MTBF
Mean Time Between Failures
MTTF
Mean Time to Failure
expected lifetime of a non-repairable product or system
EAP-TTLS
Extensible Authentication Protocol - Tunneled Transport Layer Security
allows the use of multiple authentication protocols transported inside of an encrypted TLS tunnel
Preventative
physically limits access to a device or area
Corrective
can actively work to mitigate any damage
Detective
may not prevent access, but it can identify and record any intrusion attempts
Compensating
doesn’t prevent an attack, but it does restore from an attack using other means
Physical Control
real-world security, such as a fence or door lock
Deterrent
does not directly stop an attack, but it may discourage an action
USB Data Blocker
physical USB cables that allow power connections but prevent data connections
SED
Self-Encrypting Drive
provides data protection of a storage device using full-disk encryption in the drive hardware
TLS VPN
frequently chosen when ease of use is important, and web applications are the primary usage mode
IPSec VPN
are used for site-to-site VPNs and for purposes where other protocols may be needed because they make the endpoint system appear to be on the remote network
DMZ
Demilitarized zone
a separate subnet coming off the separate router interface
public traffic may be allowed to pass from the external public interface to the DMZ, but won’t be allowed to pass to the interface that connects to the internal private network
VLAN
think of PARTITIONING!!
emulates physical partitioning
most often used to segment the internal network
IPv6
includes IPsec built into the protocol by default
also provides an extended IP address range for networks, eliminating the need for using NAT
Wireshark
free and open-source packet analyzer
used for network troubleshooting, analysis, software and communications protocol development, and education
Containerization
the logical isolation of enterprise data from personal data while co-existing in the same device
major benefit of containerization is that administrators can only control work profiles that are kept separate from the user’s personal accounts, apps, and data
creates a secure vault for your corporate information
What should you place at the end of your ACL rules?
An implicit deny statement
What easily detects buffer overflows?
Static code analysis
SPI
Sensitive Personal Information
information about a subject’s opinions, beliefs, and nature afforded specially protected status by privacy legislation
Load balancer
allows for high availability and the ability to serve increased demand by splitting the workload across multiple servers
DaaS
Desktop as a Service
provides a full virtualized desktop environment from within a cloud-based service
also known as VDI (Virtualized Desktop Infrastructure)
like Stadia or NVIDIA GeForce Now :D