Security Flashcards

1
Q

Can you explain how a Zero Trust security model works?

A
  • assumes no user or system, whether inside or outside the organization’s network, can be inherently trusted
  • focuses on continuous verification and validation of users, devices, and applications before granting access
1
Q

How does Zero Trust differ from traditional perimeter-based security approaches?

A
  • in perimeter-based security, protection is concentrated around the network perimeter
  • Zero Trust secures data and resources wherever they are located
2
Q

How would you approach implementing Zero Trust principles in a complex and distributed system architecture?

A
  1. start by identifying critical assets and data flows
  2. segment the network into smaller trust zones, employing micro-segmentation to restrict lateral movement
  3. enforce multi-factor authentication (MFA) for access
  4. apply least privilege principles to limit permissions
  5. use monitoring and logging mechanisms to track user and system behaviour for anomalies
  6. conduct regular vulnerability assessments and penetration testing
3
Q

Could you discuss the best practices to ensure the security of container images and orchestration platforms like Kubernetes?

A
  1. ensure only trusted images are used
  2. implement a vulnerability scanning process for images
  3. replace containers rather than patching them (immutable infrastructure)
  4. configure the Kubernetes cluster with role-based access control (RBAC) and network policies to enforce isolation
4
Q

How do you secure microservices communication and manage authentication and authorization in such a dynamic setup?

A
  1. implement secure communication channels using HTTPS, mutual TLS authentication, or service mesh solutions
  2. create fine-grained access controls based on roles and permissions
  3. use tokens for authentication and authorization
  4. use API gateways to manage access and provide a central point for security enforcement
5
Q

Can you describe your approach to conducting threat modeling exercises?

A
  1. start by defining the system’s architecture and data flows
  2. brainstorm potential threats and attack vectors, considering factors like data breaches, unauthorized access, and denial of service attacks
  3. evaluate each threat’s likelihood and potential impact
6
Q

How do you ensure comprehensive coverage of attack vectors and prioritize mitigation strategies effectively?

A
  1. involve cross-functional teams, including developers, security experts, and business stakeholders
  2. prioritise based on a risk assessment
  3. consider factors like the impact on confidentiality, integrity, and availability of data
  4. implement mitigation strategies
7
Q

Can you walk through the steps you’d take in a real-time scenario where a data breach has occurred?

A
  1. Detection and Identification
  2. Containment
  3. Eradication
  4. Recovery
  5. Communication
  6. Analysis and Lessons Learned
  7. Improvement
8
Q

How would you design and implement an effective security training program for developers and non-technical staff?

A
  1. Customisation
  2. Hands-on Workshops
  3. Gamification
  4. Metrics and Feedback