Security Operations (OPS) Flashcards

1
Q

Acoustical Detection

A

Microphones, vibrations sensors

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Admissible Evidence

A

Relevant, sufficient, reliable, does not have to be tangible

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Alarm filtering

A

The process of categorizing attack alerts produced from an IDS in order to distinguish false positives from actual attacks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Alert/Alarm

A

A signal suggesting a system has been or is being attacked.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Analysis

A

Systematic assessment of threats and vulnerabilities that provides a basis for effective management of risk.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Automatic Recovery

A

When resolving a single failure (though system administrators are needed to resolve additional failures

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Automatic Recovery Without Undo Loss

A

Higher level of recovery defining prevention against the undue loss of protected objects

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Auxiliary Station Systems

A

Alarm to local fire or police

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Backup Storage Media

A

Tape: sequential, slow read, fast write 200GB an hour, historically
cheaper than disk (now changing), robotic libraries
Disk: fast read/write, less robust than tape
Optical drive: CD/DVD. Inexpensive
Solid state: USB drive, security issues, protected by AES

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Best Evidence

A

Primary: used at the trial because it is the most reliable.
Original documents are used to document things such as contracts

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Bind Variables

A

Placeholders for literal values in SQL query being sent to the database on a server; Used to enhance performance of a database

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Business Attacks

A

Focus on illegally obtaining an organization’s confidential information. The use of the information gathered usually causes more damage than the initial event itself.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Central Stations

A

Less than 10mins travel time for e.g. an private security firm

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Chain of Custody

A

Collection, analysis and preservation of data
Forensics uses bit-level copy of the disk

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Change Control

A

Maintaining full control over requests, implementation, traceability, and proper documentation of changes.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Cipher Lock

A

Electrical

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Circumstantial Evidence

A

Used to help assume another fact
Cannot stand on its own to directly prove a fact

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Civil Law

A

Europe, South America

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Classification

A

The assignment of a level of sensitivity to data (or information) that results in the specification of controls for each level of classification.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Classification Scheme

A

organization way of classifying data by factors such as criticality, sensitivity and ownership.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Clearing

A

Overwriting media to be reused

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Combination Lock

A

3 digits with wheels

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Common Law

A

USA, UK Australia Canada (judges)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Computer Crime Laws

A

3 types of harm:

unauthorized intrusion

unauthorized alteration or destruction

malicious code

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

Conclusive Evidence

A

Irrefutable, cannot be contradicted
Requires no other corraboration

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

Confidence value

A

A value an organization places on an IDS based on past performance and analysis to help determine its ability to effectively identify an attack

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

Configuration

A

Collection of component CI’s that make another CI

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

Configuration item (CI)

A

 Component whose state is recorded

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

Containment

A

Mitigate damage by isolating compromised systems from the network.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

Corroborative Evidence

A

Supports or substantiates other evidence presented in a case

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

Darknet

A

Unused network space that may detect unauthorized activity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

Data Custodian

A

Individuals and departments responsible for the storage and safeguarding of computerized data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q

Data Dictionary

A

A database that contains the name, type, range of values, source and authorization for access for each data element

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q

Data Haven

A

Is a country or location that has no laws or poorly enforced laws

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
35
Q

Data Integrity

A

The property that data meet with a priority expectation of quality and that the data can be relied upon.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
36
Q

Data Leakage

A

Siphoning out or leaking information by dumping computer files or stealing computer reports and tapes.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
37
Q

Data Loss Prevention (DLP)

A

Systems attempt to detect and block exfiltration attempts. These systems have the capability of scanning for keywords and patterns.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
38
Q

Data Owner

A

Individuals, normally managers or directors, who have responsibility for the integrity, accurate reporting and use of computerized data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
39
Q

Database Shadowing

A

Real-time data backup ( Data Mirroring)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
40
Q

Debriefing / Feedback

A

External communications

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
41
Q

Degauss

A

Protection of stored or displayed information by removal/reduction of the magnetic field (demagnetization).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
42
Q

Detection

A

Identification and notification of an unauthorized and/or undesired action

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
43
Q

Device Lock

A

Bolt down hardware

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
44
Q

Differential backup

A

Only modified files, doesn’t clear archive bit. Advantage: full and only last one needed, Intermediate time between.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
45
Q

Direct Evidence

A

Can prove fact by itself and does not need any type of backup.
Testimony from a witness; one of their 5 senses.
Oral: case can’t stand on it alone
Oral: does not need other evidence to substantiate

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
46
Q

Electromechanical Detection

A

 Senses a break or change in a circuit magnets pulled lose, wires door, pressure pads

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
47
Q

Electronic Vaulting

A

Periodic, automatic and transparent backup of data in bulk.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
48
Q

Emergency Restart Failure

A

Occurs after a failure happens in an uncontrolled manner. E.g. when a low privileged user tries to access restricted memory segments

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
49
Q

Endpoint-based DLP

A

Can scan files stored on a system as well as files sent to external devices, such as printers. For example, an organization endpoint-based DLP can prevent users from copying sensitive data to USB flash drives or sending sensitive data to a printer.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
50
Q

Enticement

A

The legal action of luring an intruder, like in a honeypot

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
51
Q

Entitlement

A

Refers to the amount of privileges granted to users, typically when first provisioning an account. A user audit can detect when employees have excessive privileges

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
52
Q

Entrapment

A

The illegal act of inducing a crime; the individual had no intent of committing the crime at first

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
53
Q

Espionage

A

Malicious act of gathering proprietary, secret, private, sensitive, or confidential information about an organization. Often with the intent of disclosing or selling the information to a competitor or other interested organization (such as a foreign government). Attackers can be dissatisfied employees, and in some cases, employees who are being blackmailed from someone outside the organization. Countermeasures are to strictly control access to all nonpublic data, thoroughly screen new employee candidates, and efficiently track all employee activities.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
54
Q

Evidence

A

Must be preserved and identifiable

Sufficient –persuasive enough to convince one of its validity
Reliable –consistent with fact, evidence has not been tampered with or modified
Relevant –relationship to the findings must be reasonable and sensible, Proof of crime, documentation of events, proof of acts and methods used, motive proof, identification of acts
Permissible – lawful obtaining of evidence, avoid: unlawful search and seizure, secret recording, privacy violations, forced confessions, unlawful obtaining of evidence
Preserved and identifiable – collection, reconstruction
Identification labeling, recording serial number etc.
Evidence must be preserved and identifiable

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
55
Q

Evidence Lifecycle

A

1. Discovery
2. Protection
3. Recording
4. Collection and identification
5. Analysis
6. Storage, preservation, transportation
7. Present in court
8. Return to owner

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
56
Q

Exigent Circumstances

A

Allows officials to seize evidence before it’s destroyed (police team fall in)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
57
Q

Fail Closed/Secure

A

 Most conservative from a security perspective

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
58
Q

Fail safe system

A

Program execution is terminated and system protected from hardware or software compromise occurs DOORS usually

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
59
Q

Fail soft

A

Or resilient system: reboot, selected, non-critical processing is terminated

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
60
Q

Failover

A

 Switches to hot backup

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
61
Q

Failure Preparation

A

Backup critical information thus enabling data recovery

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
62
Q

False attack stimulus

A

The event signaling an IDS to produce an alarm when no attack has taken place

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
63
Q

False negative

A

A failure of an IDS to detect an actual attack

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
64
Q

False positive

A

An alert or alarm that is triggered when no actual attack has taken place

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
65
Q

Fault tolerance

A

Mitigation of system or component loss or interruption through use of backup capability.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
66
Q

Financial Attacks

A

Carried out to unlawfully obtain money or services.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
67
Q

Full Backup

A

All files, archive bit and modify bit are cleared. Advantage: only previous day needed for full restore, disadvantage: time consuming

68
Q

Function Recovery

A

System can restore functional processes automatically

69
Q

Grudge Attacks

A

Carried out to damage an organization or a person. The damage could be in the loss of information or information processing capabilities or harm to the organization or a person’s reputation.

70
Q

Hackers and Crackers

A

 Want to verify their skills as intruders

71
Q

Hacktivists

A

Often combine political motivations with the thrill of hacking.

72
Q

Hardware/ Embedded Device Analysis

A

Review the contents. This may include a review of Personal computers & Smartphones

73
Q

Hearsay

A

 Second-hand data not admissible in court

74
Q

Hearsay Evidence

A

Something a witness hears another one say.

Business records and all that’s printed or displayed. Exception: audit trails and business records when the documents are created in the normal course of business.

75
Q

Highly Confidential

A

Information that, if made public or even shared around the organization, could seriously impede the organization’s operations

76
Q

Host-based IDS (HIDS)

A

Monitors activity on a single computer, including process calls and information recorded in firewall logs. Often examines events in more detail than NIDS, can pinpoint specific files compromised in an attack. Can track processes employed by the attacker. A benefit over NIDSs is that it can detect anomalies on the host system.

77
Q

Hot Spares

A

Redundant component that provides failover capability in the event of failure or interruption of a primary component.

78
Q

Hypervisor

A

Software component that manages the virtual components. Adds an additional attack surface, so it’s important to ensure it is deployed in a secure state and kept up-to-date with patches, controls access to physical resources

79
Q

Incident

A

Event or series of events that adversely impact the ability of an organization to do business; suspected attack

80
Q

Incident handling

A

A documented battle plan for coordinating response to incidents.

81
Q

Incident response process

A

Detect
Respond
Report
Recover
Remediate
Review

82
Q

Incremental Backup

A

Only modified files, archive bit cleared, Advantage: least time and space, Disadvantage: first restore full then all incremental backups, thus less reliable because it depends on more components

83
Q

Internal Use only

A

loss would inconvenience the organization but disclosure is unlikely to result in financial loss or serious damage to credibility.

84
Q

Interrogation

A

Evidence retrieval method, ultimately obtain a confession

85
Q

Interviewing

A

 Gather facts and determine the substance of the case.

86
Q

Intrusion

A

Occurs when an attacker is able to bypass or thwart security mechanisms and gain access to an organization’s resources.

87
Q

Intrusion Detection System (IDS)

A

Monitors recorded information and real-time events to detect abnormal activity indicating a potential incident. Automates the inspection of logs and real-time events to find attempts and failures. An effective method of detecting many DoS and DDoS attacks. Can recognize attacks that come from external connections, such as from the Internet, and attacks that spread internally such as a malicious worm. Responds by sending alerts or raising alarms. In some cases can modify the environment to stop an attack.

A primary goal is to provide a means for a timely and accurate response to attacks. Intended as part of a defense-in-depth security plan. It will work with and compliment other security mechanisms but does not replace them.

88
Q

Intrusion Prevention System (IPS)

A

Includes all the capabilities of an IDS but can also take additional steps to stop or prevent intrusions. If desired, administrators can disable these extra features, essentially causing it to function as an IDS.

89
Q

Islamite and other Religious Laws

A

 ME, Africa, Indonesia

90
Q

JBOD

A

Most basic type of storage

91
Q

Lighting Continuous

A

Evenly distributed

92
Q

Lighting Controlled

A

No bleeding over no blinding

93
Q

Lighting Glare Protection

A

 Against blinding

94
Q

Lighting Responsive Areas Illumination

A

IDS detects activities and turns on lightning

95
Q

Lighting Standby

A

Timers

96
Q

Line Supervision Check

A

If no tampering is done with the alarm wires

97
Q

Local Alarms

A

Audible at least 4000 feet

98
Q

Locard’s principle

A

every time you make contact with another it results in an exchange of materials for both physical and digital evidence.

99
Q

Log

A

Record of system activity, which provides for monitoring and detection.

100
Q

Manual Recovery

A

 System administrator intervention is required to return the system to a secure state

101
Q

Media Analysis

A

A branch of computer forensic analysis. Involves the identification and extraction of information from storage. This may include the following: Magnetic (e.g., hard disks, tapes) Optical (e.g., CDs, DVDs, Blu-ray discs) Memory (e.g., RAM, solid state storage)

Techniques used may include the recovery of deleted files from unallocated sectors of the physical disk, the live connection to a computer system (especially useful when examining encrypted), and the static examination of forensic images of storage.

102
Q

Military or Intelligence Attack

A

Designed to extract secret information.

103
Q

MOM

A

Means, Opportunity and Motive
Used in determining suspects

104
Q

Monitor

A

Continuous surveillance, to provide for detection and response of any failure in preventive controls.

105
Q

Motion Detector

A

wave pattern movement sensors

106
Q

MTBF

A

Mean Time Between Failures (Useful Life) = MTTF + MTTR

107
Q

Network Analysis

A

Often depends on either prior knowledge that an incident is underway or the use of preexisting security controls that log activity. These include: Intrusion detection and prevention system logs, data captured by a flow monitoring system, Packet captures deliberately collected during an incident. Logs from firewalls and other security devices. Collect and correlate information from these disparate sources and produce as comprehensive a picture of activity as possible.

108
Q

Network Attached Storage (NAS)

A

Server optimized for providing file-based data storage to the network. Unlike a File Server, a NAS unit has no input or output devices, and the OS is dedicated for providing storage services.

109
Q

Network-based DLP

A

Scans all outgoing looking for specific variables. If a user sends out a restricted file, the system will detect it and prevent it from leaving the organization. Sends an alert, such as an email to an administrator.

110
Q

Network-based IDS (NIDS)

A

Monitors and evaluates network activity to detect attacks or event anomalies. Cannot monitor content of encrypted traffic but can monitor other packet details. Just one can monitor a large network by using remote sensors to collect data at key network locations that send data to a central management console.

111
Q

Noise

A

Data or interference that can trigger a false positive

112
Q

Notebook

A

Most preferred in the legal investigation; pages are attached to a binding.

113
Q

Notification

A

Communication of a security incident to stakeholders and data owners.

114
Q

Object Reuse

A

Utilization after initial use

115
Q

Opinion Rule

A

Requires witnesses to testify only about the facts of the case; cannot be used as evidence in the case.

116
Q

Parallel Tests

A

Involve relocating personnel to the alternate site and commencing operations there. Critical systems are run at an alternate site, main site open also

117
Q

Passive Infrared Detection

A

Through sensing changes in temperature

118
Q

Photoelectric Detector

A

Light beams interrupted (as in an store entrance)

119
Q

Prefabricated Building

A

A very cold site.

120
Q

Preset Lock

A

Comes with door

121
Q

Prevention

A

Controls deployed to avert unauthorized and/or undesired actions.

122
Q

Programmable Lock

A

Combination or electrical lock

123
Q

Proprietary

A

Define the way in which the organization operates.

124
Q

Proprietary Systems

A

Owned and operated by the customer.
System provides many of the features in-house

125
Q

Prototyping

A

Customer view taken into account

126
Q

Proximity or Capacitance Detector

A

Magnetic field shows presence around an object

127
Q

Pseudo Flaw

A

False vulnerability in a system that may attract an attacker

128
Q

Purging

A

 Degaussing or overwriting to be removed

129
Q

RAID Levels

A

RAID 0 Striped, one large disk out of several. Improved performance but no fault tolerance
RAID 1 Mirrored drives: fault tolerance from disk errors and single disk failure, expensive; redundancy only, not speed
RAID 2 not used commercially. Hammering Code Parity/error
RAID 3 Striped on byte level with extra parity drive. Improved performance and fault tolerance, but parity drive is a single point of failure and write intensive. 3 or more drives
RAID 4 Same as Raid 3 but striped on block level; 3 or more drives
RAID 5 Striped on block level, parity distributed over all drives. Requires all drives but one to be present to operate hot. Swappable. Interleave parity, recovery control; 3 or more drives
RAID 6 Dual Parity; parity distributed over all drives. Requires all drives but two to be present to operate hot. Swappable.
RAID 7 Same as raid 5 but all drives act as one single virtual disk

130
Q

Raking

A

Circumvent a pin tumbler lock

131
Q

Recovery

A

Measures followed to restore critical functions following a security incident.

132
Q

Redundant Array of Independent Drives (RAID)

A

A group of hard drives working as one storage unit for the purpose of speed and fault tolerance

133
Q

Redundant Servers

A

Use of a backup server(s) to protect information and essential processes in the event of a primary system failure.

134
Q

Remanence

A

Potentially retrievable data residue that remains following intended erasure of data.

135
Q

Remote Journaling

A

Real-time, automatic and transparent backup of data.

136
Q

Response Capability

A

Policy, procedures, a team

137
Q

Sabotage

A

Criminal act of destruction or disruption committed against an organization by an employee. It can become a risk if an employee is knowledgeable enough about the assets of an organization, has sufficient access to manipulate critical aspects of the environment, and has become disgruntled.

138
Q

Salvage Team

A

Goes back to the primary site to normal processing environmental conditions. Clean, repair, save what can be saved. Can declare when primary site is available again

139
Q

Script Kiddies

A

Attackers who lack the ability to devise their own attacks will often download programs that do their work for them. The main motivation behind these attacks is the “high” of successfully breaking into a system. Service interruption. An attacker may destroy data, the main motivation is to compromise a system and perhaps use it to launch an attack against another victim. Website defacements common

140
Q

Secondary Evidence

A

Copies of documents. Not as strong as best. A copy is not permitted if the original (Best) is available. Oral like Witness testimony

141
Q

Server Clustering

A

Group of independent servers which are managed as a single system. All servers are online and take part in processing service requests.
All share the same OS and application software vs. grid devices that can have different OSs while still working on same problem.

142
Q

Site policy

A

Guidelines within an organization that control the rules and configurations of an IDS

143
Q

Site policy awareness

A

The ability an IDS has to dynamically change its rules and configurations in response to changing environmental activity

144
Q

Software Analysis

A

Conduct forensic reviews of applications or the activity that takes place within a running application. In some cases, conduct a review of software code, looking for back doors, logic bombs, or other security vulnerabilities. In other cases, review and interpret the log files from application or database servers, seeking other signs of malicious activity, such as SQL injection attacks, privilege escalations, or other application attacks.

145
Q

Software Library

A

Controlled area only accessible for approved users

146
Q

Storage Area Network (SAN)

A

A subnetwork with storage devices servicing all servers on the attached network.

147
Q

Subscription Services

A

Third party, commercial services provide alternate backups and processing facilities. Most common of implementations!

148
Q

System Cold Start Failure

A

When an unexpected kernel or media failure happens and the regular recovery procedure

149
Q

System Reboot Failure

A

System shuts itself down in a controlled manner after detecting inconsistent data structures or runs out of resources

150
Q

System Recovery

A

1. Rebooting system in single user mode or recovery console, so no user access is enabled
2. Recovering all file systems that were active during failure
3. Restoring missing or damaged files
4. Recovering the required security characteristic, such as file security labels
5. Checking

151
Q

Terrorist Attacks

A

Purpose of a terrorist attack is to disrupt normal life and instill fear

152
Q

Thrill Attacks

A

Launched only for the fun of it. Pride, bragging rights

153
Q

Top Secret

A

Highly sensitive internal documents that could seriously damage the organization if such information were lost or made public

154
Q

True attack stimulus

A

An event that triggers an IDS to produce an alarm and react as though a real attack were in progress

155
Q

Trusted Recovery

A

Ensures that the security is not breached when a system crash or failure occurs. Only required for a B3 and A1 level systems.

156
Q

Tumbler Lock

A

Cylinder slot

157
Q

Types of Investigation

A
  • Operational
  • Criminal
  • Civil
  • eDiscovery
158
Q

US Law: 3 Branches

A

Legislative: writes (statutory laws)
Executive: enforces (administrative laws)
Juridical: interprets laws (makes common laws out of court decisions)

159
Q

US Law: 3 Categories

A

Criminal: individuals in violation; punishment mostly imprisonment
Civil: wrongs against individual or organization that result in a damage or loss. Punishment can include financial penalties. AKA tort (I’ll Sue You!) Jury decides liability
Administrative/Regulatory: – how industries, organizations and officers have to act. Wrongs can be penalized with imprisonment or financial penalties

160
Q

Victimology

A

Why certain people fall prey to crime and how lifestyle affects their chances

161
Q

Warded Lock

A

Hanging, with a key

162
Q

Raid 6

A

Does not require a hot spare drive or disk

163
Q

warez

A

piracy act of copying software from top notch brands and distributing over the Internet

164
Q

colocation cloud

A

Colocation cloud combines the benefits of colocation and cloud computing to provide a comprehensive solution that addresses the limitations of traditional data management approaches.

165
Q

blue team

A

defends from attacks

166
Q

red team

A

attacks

167
Q

white team

A

handles security incidents