Segmentation and Access Control 2.5

Question 1

Ways to Segment a Network

Answer 1

• Physical
• Logical
• Virtual Segmentation

Question 2

Segmentation for Performance

Answer 2

• To get the best possible performance for high-bandwidth applications.

Question 3

Segmentation for Security

Answer 3

• Prevent general users or specific users from accessing directly the database servers.
• The application server communicates to the database server.

Question 4

Segmentation for Compliance

Answer 4

• Some segmentation is required for set up due to a mandate, company policy, or established procedures.

Question 5

Access Control List (ACL)

Answer 5

• A list with an associated with an object
• Identifies which user has access to the system and what actions they can perform.

Question 6

Purpose of an ACL

Answer 6

• Allow or disallow certain types of traffic.
• Restrict access to network devices either on the user’s level of access or through their IP addresses.

Question 7

Application Blocklist/Deny List

Answer 7

• Essentially noting which applications should not be allowed to run on the machine or system.

Question 8

Whitelisting/Application Allow List

Answer 8

• A list of approved applications.
• If not on the Whitelist, access is denied and won’t run and install onto the system.

Question 9

Allow and Deny List thru OS

Answer 9

• Decisions are made in the operating system.
• Often built-in to the operating system management.

Question 10

Allow and Deny Lists thru App Hash

Answer 10

• Only allows applications with a unique designated identifier.

Question 11

Allow and Deny Lists thru Certificate

Answer 11

• Allow digitally signed apps from certain publishers.

Question 12

Allow and Deny Lists thru Path

Answer 12

• Only allow certain applications which follow a specific path on the file directory.

Question 13

Allow and Deny Lists thru Network Zones

Answer 13

• Allow applications to run and install based on if they’re coming from a private or public network