Segmentation and Access Control 2.5 Flashcards
1
Q
Ways to Segment a Network
A
- Physical
- Logical
- Virtual Segmentation
2
Q
Segmentation for Performance
A
- To get the best possible performance for high-bandwidth applications.
3
Q
Segmentation for Security
A
- Prevent general users or specific users from directly accessing the database servers.
- The application server communicates to the database server.
4
Q
Segmentation for Compliance
A
- Some segmentation must be set up because of a mandate, company policy, or established procedures.
5
Q
Access Control List (ACL)
A
- A list associated with an object.
- Identifies which user has access to the system and what actions they can perform.
6
Q
Purpose of an ACL
A
- Allow or disallow certain types of traffic.
- Restrict access to network devices based either on the user’s level of access or on their IP address.
7
Q
Application Blocklist/Deny List
A
- A list noting which applications should not be allowed to run on the machine or system.
8
Q
Whitelisting/Application Allow List
A
- A list of approved applications.
- If an application is not on the whitelist, access is denied and it won’t run or install on the system.
9
Q
Allow and Deny List thru OS
A
- Decisions are made in the operating system.
- Often built into the operating system management.
10
Q
Allow and Deny Lists thru App Hash
A
- Only allows applications with a unique designated identifier.
11
Q
Allow and Deny Lists thru Certificate
A
- Allow digitally signed apps from certain publishers.
12
Q
Allow and Deny Lists thru Path
A
- Only allow certain applications that are located at a specific path in the file directory.
13
Q
Allow and Deny Lists thru Network Zones
A
- Allow applications to run and install based on whether they’re coming from a private or public network.