Security, Compliance and Identity concepts Flashcards

1
Q

What is Zero-based trust?

A

A methodology that removes trust for your network.

2
Q

What are the three principles of zero-based trust?

A

Verify explicitly, least privileged access, assume breach.

3
Q

What are the zero-based trust pillars?

A

Identities, devices, applications, networks, infrastructure, data

4
Q

What is defence in depth?

A

A security methodology that promotes having multiple layers of defence against attack so if a layer is penetrated, there’s another to slow the attacker.

5
Q

What is encryption?

A

A method of making data unreadable and unusable to unauthorized persons through encryption at rest and encryption in transit.

Two types of encryption:

  • Symmetric uses the same key on both sides. Its weakness is the key exchange, which can be compromised by a man in the middle who steals the key during the exchange.
  • Asymmetric uses a public and private key pair.
6
Q

What is hashing?

A

Uses an algorithm to convert the original text to a unique fixed-length hash value. Hash functions are:

  • Deterministic: the same input produces the same output.
  • A unique identifier of the associated data.
  • Different from encryption in that the hashed value cannot be decrypted back to the original. Theoretically one-way.
  • Used to store passwords. Passwords are usually salted to prevent brute force rainbow attacks.
7
Q

What is the Cloud Adoption Framework?

A

A whitepaper that helps organizations migrate their workloads to Azure.

8
Q

What are the CAF steps?

A

Define Strategy, Plan, Ready, Adopt, and throughout those steps - Govern and Manage

9
Q

What is CIA?

A

Confidentiality - Encryption so that data is not understandable
Integrity - Checksums to ensure data remains untampered
Accessibility - Ensuring data is available to the right users

10
Q

What is the shared responsibility model?

A

Responsibility on the customer reduces as the hosting model expands:
- SaaS: least responsibility on the customer, as Azure has the greatest responsibility
- PaaS
- IaaS

11
Q

What are common threats?

A

Data breach - Phishing, tech support scams, SQL injection
Dictionary attack - Type of identity attack: a brute force attack using a large number of known passwords
Ransomware - Type of malware that encrypts files and folders to extort money from victims
Disruptive attacks - Objective is to disrupt the endpoint by exhausting endpoint resources.

12
Q

What are common identity attacks?

A
  • Password-based attacks.
  • Phishing tricks someone into sending their credentials.
  • Spear phishing tricks someone by providing some of the credentials to look more real.
13
Q

Identity as the primary security perimeter. What does this mean?

A

Identity is how someone or something can be verified and authenticated; it can be a user, app, device, etc.
Four pillars of identity:
- Administration - Create identity
- Authentication - Verify the identity is legitimate
- Authorization - What can the identity access
- Auditing - Observe and monitor what the identity is doing
