2.1 Explain the importance of security concepts in an enterprise environment

Question 1

Diagrams

Answer 1

a graphical diagram that maps out the network, physical data (server),
and device

Question 2

Baseline Config.

Answer 2

Documenting the security of a application (fire wall, patch levels, OS files) and checking for any deviations. (INTGREITY CHECK)

Question 3

Standard Naming Conventions

Answer 3

A set of rules/standards of what something is named. (Files, devices, users, ports)

Question 4

IP Schema

Answer 4

standardization for IP addressing. a way to assign IP address to users and devices without duplicating.

Question 5

Data Sovereignty

Answer 5

Data in that country is subject to the Laws of that country.

Question 6

Data Masking

Answer 6

is related to hiding original data by replacing data, mixing, shuffling so that the data is protected. (Data maybe visible on the server though)

Question 7

Data Encryption

Answer 7

Plain text is encrypted into a ciphertext (algorithm) only way to decipher it is with a KEY.

Question 8

Data at Rest

Answer 8

Data that is stored. If the data is stored it needs to be protected.

Question 9

Data in Transit/Motion

Answer 9

Data being sent over the network. Needs to be protected by TLS, IPsec, firewall, IPS

Question 10

Data in processing

Answer 10

Data actively used in memory (RAM, CPU).
This data is unencrypted because its in the memory.

Question 11

Tokenization

Answer 11

Replaces sensitive numbers with a set of different numbers. A tokenization sever authenticates those 2nd set of number. (not encrypted)

Question 12

IRM (information Rights Management )

Answer 12

Restricting what you do on a document such PDF, Microsoft docs, email messages.

Question 13

DLP (Data Loss Prevention)

Answer 13

Intelligent system that protects/prevents your data from leaving you network.

Question 14

Types of DLP

Answer 14

-Endpoint DLP data in use on a workstation (in and out)
-Network DLP in and out packets
-Blocks hardware (USB)
-Cloud DLP watches traffic, prevents data going to URLs, blocks malicious attacks
-Email DLP

Question 15

Geographical Considerations

Answer 15

Considering laws and regulations of where your data is stored.
-Access, recovery,

Question 16

Response and Recovery Controls

Answer 16

Documenting/identifying a attacks and containing it. (Reduces the impact of the attack)

Question 17

SSL/TLS Inspection

Answer 17

There is a client server that inspects incoming traffic before it reaches the client. Decrypts data at the firewall by using CA certificates.

Question 18

Hashing

Answer 18

One way encryption through a mathematical process. (there is no reversing it) Fixed length

Question 19

API Considerations

Question 20

Site Resiliency

Answer 20

having a Recovery site for data available when there is a disaster.

Question 21

Hot Site

Answer 21

A exact replica of the original site. data will be synchronized in real time (hard ware and infrastructure)

Question 22

Cold Site

Answer 22

A empty site that has little to no hardware or infrastructure. Will take weeks to be operational

Question 23

Warm site

Answer 23

Has some equipment for a recovery site. usually up within a few days

Question 24

Honeypots

Answer 24

A fake sever that attracts a attacker. designed to look like your actual server.

Question 25

Honeynet

Answer 25

A collection of a honeypots. Designed to look like a cooperate network.

Question 26

Honeyfiles

Answer 26

Files that send a alerts for unauthorized activity. (seem real)

Question 27

Fake telemetry

Answer 27

Fake traffic being sent over a network. Makes honeypots and honeynets look real

Question 28

DNS Sinkhole

Answer 28

Users that try to visit a malious site is redirected with a fake DNS so that you can identify the infected user. (combats Bots)