Security Architecture 2 Flashcards
What is physical isolation?
- Phisically isolating parts of the system from each other
- Air Gar: Between two routers or switches
- No mixing of data
What is SDN?
Software defined Networking
* Approach that uses software based controller or APIs to direct traffic on network and communicate with underlying hardware structure
Planes of Operation
Infrastructure layer / Data plane
* frames and packets
* forwarding, trunking, encrypting, NAT
Control layer / Control Plane
* Manages actions of data plane
* Routing tables, session tables
* Dynamic routing protocol updates
Application layer / management plane
* Configure and manage device
* SSH
* Browser API
What is on-premises security?
All Data and System is managed within and from the Organization
Pros and Cons of Centralized approach
Pro
* Correlated alerts
* Consolidated log file analysis
* Comprehensive system status and maintanance/patching
Contra
* Single point of failure
* Potential performance issues
Explain Virtualization
- Different OS running on the same Hardware
Infrastructure
Physical device such as data center or server
Hypervisor
Software managing resources between VM´s
Guest OS
Seperate for every machine
Applications
Are on top of every OS
What is Containerization
Way of packing, distributing and running code or application in a consistent environment
Container
* Encapsulates application alongside with dependencies and runtime environment
Dockers
* Platform to manage containers
What is SCADA / ICS
Supervisory Control and Acquition system
- Large-scale mutiside industrial control system
- PC manages all equitment
- Extensive segmentation
Used for
* Power generation
* Refining
* Energy
* Logistics
What is RTOS?
Real Time operating system
- Manages tasks strictly on priority level
- Used for military environments
- Industrial Equitment
What are Embedded Systems
Pourpose build systems - build for one specific function such as:
- Traffic light controllers
- Digital watches
- Medical systems
What means resilience and MTTR
- How quickly can we recover a system
MTTR
Mean time to recover
What is Ease of deployment?
Many moving parts of application to be taken into consideration
* Web servers
* Data Base
* Caching server
* Firewall