Segmentation And Isolation Flashcards
Enclave
Security zone type. This is a restricted network within a trusted network
Micro-segmentation
Method of creating zones within data centres and cloud environments to isolate workloads from one another and secure them individually
Security zone
This is a division of the network based on functional, performance and/or security requirements. Security zones are enforced by firewall incoming (ingress) and outgoing (egress) access control list (ACL) rules
Protect surface
Micro-segmentation type. It is made up of the network's most critical and vulnerable data, assets, applications and services. It is always knowable
Untrusted
Security zone type. An untrusted network is one which the organization has no control over
Segmentation
Used for creating and enforcing security principles and policies, controlling information flow and securing network access
Air gapped
Security zone type. This network does not have a connection to any untrusted network
Physically isolated network
Security network zone type. This network does not have a connection to any other network
East-west micro-segmentation
Refers to traffic within a data center and cloud
Logical isolation
VLAN (virtual local area network): divides a single existing network into multiple logical network segments which can be restricted. Broadcast domains are partitioned and isolated at the data link layer
Trusted network
Security zone type. A trusted network is one which the organization has complete control over
Virtualization in isolation
Creates multiple environments from a physical hardware system and provides fault and security isolation at the hardware level, including memory or CPU access
North-south
Micro-segmentation type. Refers to the traffic that flows into data centers or the cloud
Isolation
Is when zones, devices or sessions need to be segregated so as not to cause harm or to be harmed
Zero-Trust
Micro-segmentation allows for the implementation of zero-trust protect surface environments. Authentication is always required and least privilege access is enforced