Security Architecture 4 Flashcards
1
Q
VPN Concentrator
A
- Device or software that functions as endpoint for everyone connecting to it
- Often integratd in Firewall
2
Q
Explain how Data forwarding works in an encrypted tunnel
A
- Original Data packet consists of IP header and Data
- Both get encrypted
- IPsec header to identify where packet started
- IPsec trailer to identify where it ended
- Add new IP header to point to the right concentrator
3
Q
SSL/TLS VPN
A
- Authenticate users
- No big VPN clients (often single devices)
- Uses common SSL/TLS protocol (tcp/443)
- On-demand access from remote device
- Software connects to VPN concentrator
4
Q
Site-to-site IPsec VPN
A
- Connects larger sites
- Always on
- Firewalls often act as concentrators
5
Q
SD-WAN
A
- Software defined networking in Wide Area network
- Allows cloud based applications to communicate directly to the cloud instead of hopping through central point
6
Q
SASE
A
Secure Access Service Edge
* Next generation VPN
* Secures Access for cloud services
7
Q
Which Types of Data classifications are there?
A
Proprietary
* Property of organization
PII
* Personally Identifiable Information
PHI
* Health Information associated with individual
8
Q
What is Data Souvereignity
A
Data that resides in country is subject to laws of that country
* Exp. Storage of data
9
Q
Server Clustering
A
Combining two or more servers that appear and operate as a single large unit
* User sees only one device
* Easy to scale up
* Usually configured in OS