Security, Compliance and Identity concepts Flashcards
What is Zero-based trust?
A methodology that removes trust for your network.
What are the three principles of zero-based trust?
Verify explicitly, least privileged access, assume breach.
What are the zero-based trust pillars?
Identities, devices, applications, networks, infrastructure, data
What is defence in depth?
A security methodology that promotes having multiple layers of defence against attack so if a layer is penetrated, there’s another to slow the attacker.
What is encryption?
A method of making data unreadable and unusable to unauthorized persons through encryption at rest and encryption in transit.
Two types of encryption:
- Symmetric uses the same key on both sides. The weakness is that the key exchange can be compromised by a man in the middle who steals the key during the exchange.
- Asymmetric uses a public and private key pair
What is hashing?
Uses an algorithm to convert the original text to a unique fixed length hash value. Hash functions are:
- Deterministic, same input produces same output
- Unique identifier of its associated data
- Different to encryption in that the hashed value is unable to be decrypted back to the original. Theoretically one-way.
- Used to store passwords. Passwords are usually salted to prevent brute force rainbow attacks.
What is the Cloud Adoption Framework?
A whitepaper that helps organizations migrate their workloads to Azure.
What are the CAF steps?
Define Strategy, Plan, Ready, Adopt, and throughout those steps - Govern and Manage
What is CIA?
Confidentiality - Encryption so that data is not understandable
Integrity - Checksums to ensure data remains untampered
Accessibility - Ensuring data is available to the right users
What is the shared responsibility model?
Responsibility on the customer reduces as the hosting model expands:
- SaaS: least responsibility on the customer, as Azure has the greatest responsibility
- PaaS
- IaaS
What are common threats?
Data breach - Phishing, tech support scams, SQL injection
Dictionary attack - Type of identity attack that uses brute force with a large number of known passwords
Ransomware - Type of malware that encrypts files and folders to extort money from victims
Disruptive attacks - Objective is to disrupt the endpoint by exhausting endpoint resources.
What are common identity attacks?
- Password-based attacks
- Phishing tricks someone into sending their credentials.
- Spear phishing tricks someone by providing some of the credentials to look more real.
Identity as the primary security perimeter. What does this mean?
Identity is how someone/something can be verified and authenticated, can be a user, app, device, etc.
Four pillars of identity
- Administration - Create identity
- Authentication - Verify the identity is legitimate
- Authorization - What can the identity access
- Auditing - Observe and monitor what the identity is doing