Understanding Data access and management

Question 1

What is public cloud?

Answer 1

web based service hosted outside your org and accessible at anytime anywhere
Eg - Azure, OneDrive, Office365

Question 2

What does an Admin account account allow you to do?

Answer 2

Admin allows access to services and programs without additional overhead of maintenance and software upgrades

Question 3

What is onedrive?

Answer 3

file hosting online, create files and folders and share them with other users and groups. Offers 5gb of free space

Question 4

What is onenote?

Answer 4

multiple users access to shared set of notes at the same time
Outlook Web Access on web browser

Question 5

What is office 365?

Answer 5

subscription based service. Offers office, exchange, SharePoint, skype and office web apps

Question 6

What is azure?

Answer 6

Public cloud
Cost is based on amount of data and requests made
Storage spaces combine multiple disks into a single logical volume
Drivers combined are placed into a storage pool

Question 7

What are file systems?

Answer 7

Method of storing and organizing files for easy access

Question 8

What are some of the file systems available?

Answer 8

Windows 10 supports FAT16, FAT32, NTFS and ReFS

Question 9

WHat is NTFS?

Answer 9

Preferred as supports larger hard disks and higher reliability
permissions and encryption
control to which users and groups can gain access to files and folders on an NTFS volume
Affect local users and network users
Explicit permissions - directly to a file or folder
Inherited permissions - directly to a folder that flows into subfolders

Question 10

What is basic file sharing?

Answer 10

share file/folder with a specific user and restrict to read or read/write

Question 11

What is advanced sharing?

Answer 11

offers greatest control by allowing you to: share files/files/entire drives, chose users or groups to share with, limit number of users to the file/folder, set permissions on shared files
For offline view go to advanced settings

Question 12

What is home group?

Answer 12

Group of computers on a home network that can share files and printers
Quite limited as you can only share the contents of the libraries in the users profile

Question 13

What is symmetric data encryption?

Answer 13

single key to encrypt and decrypt

Question 14

What is asymmetric encryption?

Answer 14

public key - two related keys

Question 15

What is hash?

Answer 15

one way encryption

Question 16

What are digital certificates?

Answer 16

Component that stores public key for asymmetric
Identify a person or organization
Ensure something cannot be modified
X.509 version 3
AD CS allows you to issue and manage certificates
PKI public key infrastructure - system consisting of hardware, software, policies and procedures to mange certificates
Certificate Authority CA binds a public key with user identities and issues digital certificates containing public key
Enterprise CA requires AD and used to issue certificates to users, computers, devices and servers for an organization

Question 17

What is bitlocker to go?

Answer 17

USB removable devices

TPM chip is not required - not using removable drive as a boot device

Question 18

What is a vpn?

Answer 18

Remote access server RAS - enables users to connect remotely to a network using protocols and connection types
VPN - private network using a public network
VPN tunneling - establish and maintain a logical network connection - PPTP, L2TP/IpSec, SSTP and IKEv2

Question 19

What is VPN authentication?

Answer 19

Password Authentication Protocol PAP - uses plain text (unencrypted passwords. Least secure and is not recommended
Challenge Handshake Authentication Protocol CHAP - challenge response authentication that uses standard md5 hashing to encrypt response.
CHAP v2 - two way authentication. Stronger security than CHAP.
Extensible Authentication Protocol EAP-MS-CHAPv2 - universal authentication framework that allows thirs party vendors to develop custom schemes eg retinal scans, voice activation, fingerprint scan, smart cards, Kerberos and digital certificates.

Question 20

What is non-repudiation?

Answer 20

Prevents one party from denying the actions it has carried out. If you have established proper authentication, authorization, and accounting, appropriate mechanisms of nonrepudiation should be in place and no user should be able to deny the actions he has carried out while in your organization’s system.

Question 21

When should you use DAC (dynamic access control)?

Answer 21

You should use DAC when you need different access permissions based on the type of device used to access network resources. You can configure DAC access permissions through rules based on factors such as data sensitivity.