Security Architecture: Methods of Securing Data

Question 1

What is geographical restrictions?

Answer 1

Geographic restrictions: Refers to constraining data to certain aspects of the organization’s geography.

Sovereignty

Geofence

Question 2

Encryption

Answer 2

Encryption: Converts plain text, which is human-readable data, to cipher text.

Works on confidentiality

Question 3

Hashing

Answer 3

Hashing: Creates a hash that can be compared to the hash on another system, to help guarantee data integrity.

Involves data integrity by comparing different values which needs to match to determine if it is tampered or not by hashing algorithm.

Question 4

Masking

Answer 4

Masking: Obfuscates original, sensitive data with realistic but fictitious information to protect its confidentiality while maintaining its usability for testing or analytical purposes. One method of obfuscate.

Masking process: (credit card or audit type systems used this)

Question 5

Tokenization

Answer 5

Tokenization: Substitutes sensitive data with unique symbols or tokens, thereby helping to reduce the risk of exposure and helping maintain security during transactions or data storage.

Another way to obfuscate

Token Process (substitute the character with other characters)

Reversable and non reversable:

6 will represent number 3 and build that method (reversable)

Non-Reversable is like masking but not completely masking

Question 6

Obfuscation

Answer 6

Obfuscation: Refers to the practice of intentionally making something unclear, confusing, or difficult to understand. This method is often applied to code, text, or information to protect it from unauthorized access or reverse engineering.

Methods: Masking or Tokenization

Question 7

Segmentation

Answer 7

Segmentation: Refers to the practice of dividing a computer network into smaller, isolated segments to enhance security, control access, and contain potential breaches or threats.

• VLAN