S2-m1 Flashcards
The supporting IT architecture within most modern companies has…
multiple, interconnected technological components, with the core infrastructure involving a combination of:
- on-premises and outsourced hardware
- software
- specialized personnel
Who supports the infrastructure?
Some organizations manage this infrastructure themselves, but many rely on third-party providers to support their IT operations.
SOC 2 Engagements
Examinations in which a third party evaluates and reports on a service organization's system controls as they relate to the AICPA five trust services criteria.
AICPA Five Trust Services Criteria
- Security
- Availability
- Processing integrity
- Confidentiality
- Privacy
EUDs
End user devices are electronic machines, typically computers or mini computers, that directly interact with employees or consumers at the edge of a network, meaning they are the point in a chain of applications or an organization's IT architecture that interfaces with a human. Desktops, laptops…
Network Infrastructure
Refers to the hardware, software, layout, and topology of network resources that enable connectivity and communication between devices on a computer network.
Modem
Connects a network to an internet service provider's network, usually through a cable connection. It is the device that brings internet into a home or office. Each modem has a public IP address.
Routers
Manage network traffic by connecting devices to form a network. They read the source and destination fields in information packet headers to determine the most efficient path through the network for the packet to travel.
Switches
Similar to routers in that they connect and divide devices within a computer network. However, switches do not perform as many advanced functions as a router, like assigning IP addresses. Connects devices by splitting signal.
Gateways
Converts protocols. A computer or device that acts as an intermediary between different networks. It transforms data from one protocol into another so that information can flow between networks.
Edge Enabled Devices
Devices that allow computing, storage, and networking functions closer to the devices where the data or system requests originate, rather than at a distant central location.
Servers
Physical or virtual machines that coordinate the computers, programs, and data that are part of the network. Most business networks use a client/server model in which the client sends a request to the server and the server provides a response or executes some action.
Firewalls
Software applications or hardware devices that protect a person's or company's network traffic by filtering it through security protocols with predefined rules. Intended to prevent unauthorized access into the organization and to prevent employees from downloading malicious programs.
Basic Packet Filtering
Firewall
Work by analyzing network traffic that is transmitted in packets (data communicated) and determining whether the firewall software is configured to accept the data.
Circuit level Gateways
Firewall
Verify the source of a packet and meet rules and policies set by the security team
Application level Gateways
Firewall
Gateways inspect the packet itself. Very resource intensive.
Network topology
Refers to the physical layout of equipment, or nodes, in a network, which is essential for understanding how to properly engineer the network for optimal performance.
What are the different requirements for components?
Topology
Length and type of connecting cables, data transmission rates, and physical position of each node in the network. These are based on the size of the network, the performance needs of the organization, and the environment in which the network is built.
Bus Topology
This layout is either in a linear or tree form, with each node connected to a single line or cable. Data can be transmitted by any node on the system at the same time, which can cause signal interference.
Mesh Topology
There are numerous connections between nodes, with all nodes being connected in a full mesh topology and only some connected in a partial mesh topology. Common in wireless networks; allows for high levels of traffic but is costly.
Ring Topology
Nodes are connected in a circular path in ring topologies. When data is transferred to a destination device, it must first go through every other device between the source and destination. There are unidirectional ring paths that allow data transmission to move in one direction, and there are multidirectional paths that allow two-way data transmission. Data transmission collision is minimized or eliminated, but this can result in slow network performance.
Star Topology
Data passes through a central hub that acts as a switch or server, and then transmits to peripheral devices that act as clients. With multiple hubs, if one fails, only the nodes connected to that hub will stop functioning. Easier to identify damaged cables.
How do devices in a network communicate with other devices?
Protocols; the type of protocol governs the way data is transmitted based on the method used, such as cable, port, or wireless.
Open Systems Interconnection Model
Helps explain how these protocols work and how networking devices communicate with each other.
Application Layer 7
OSI
Serves as the interface between applications that a person uses and the network protocol needed to transmit a message. Does not represent the actual application being used. Examples: Hypertext Transfer Protocol (HTTP), File Transfer Protocol (FTP)
Presentation Layer 6
OSI
Transforms data received from the Application layer into a format that other devices using the OSI model can interpret, such as standard formats for videos, images, and web pages. Encryption occurs at this layer. Examples: American Standard Code for Information Interchange (ASCII), JPEG, MPEG
Session Layer 5
OSI
Allows sessions between communicating devices to be established and maintained. Sessions allow networking devices to have dialogue with each other. Examples: Remote Procedure Call (RPC), Structured Query Language (SQL)
Transport Layer 4
OSI
Supports and controls the communication connections between devices. This involves setting the rules for how devices are referenced, the amount of data that can be transmitted, validating the data's integrity and determining whether data has been lost. Examples: Transmission Control Protocol (TCP), User Datagram Protocol (UDP), Secure Sockets Layer (SSL)