Week 5/6 Flashcards
Defense in depth
The concept of having multiple, overlapping systems of defense to protect IT systems
Attack vector
Method or mechanism by which an attacker or malware gains access to a network or system
Attack surface
Sum of all the different attack vectors in a given system
Host based firewalls
Protect individual hosts from being compromised when they’re used in untrusted, potentially malicious environments
SIEMs
Centralized log server for security purposes
Full disk encryption
Works by automatically converting data on a hard drive into a form that cannot be understood by anyone who doesn’t have the key to undo the conversion
Key escrow
Allows the encryption key to be securely stored for later retrieval by an authorized party
The six PCI DSS objectives
- Build and maintain a secure network and systems
- Protect cardholder data
- Maintain a vulnerability management program
- Implement strong access control measures
- Regularly monitor and test networks
- Maintain an information security policy
Security in an IT setting
Determining risks or exposure; understanding the likelihood of attacks; and designing defenses around these risks to minimize the impact of an attack
Vulnerability scanner
A computer program designed to assess computers, computer systems, networks or applications for weaknesses
Penetration testing
The practice of attempting to break into a system or network to verify the systems in place
Privacy policies
Oversee the access and use of sensitive data
Data handling policies
Should cover the details of how different data is classified
First step in handling an incident?
Detecting it
Second step of incident handling?
Containment