Concepts of SCI

Question 1

What is the zero trust philosophy?

Answer 1

“trust no one, verify everything”

Question 2

What are the zero trust guiding principles?

Answer 2

1. Verify explicitly (AuthN and AuthZ on all available data pts.)
2. Least privileged access (limit access with JIT/JEA, risk-based adaptive policies, data protection)
3. Assume breach (segment access by network, user, device. Use encryption. Use analytics for visibility and threat detection)

Question 3

What are the six zero trust foundational pillars?

Answer 3

• Identities
• Devices
• Applications
• Network
• Infrastructure
• Data

Question 4

Describe defense in depth

Answer 4

A layered approach to security that uses a series of protection at each layer to slow the advance of an attack. If one layer is breached, the next will prevent unauthorized access to data.

Example layers = Physical, identity and access, perimeter, network, compute, application, data.

Question 5

Describe CIA

Answer 5

CIA = confidentiality, integrity, and availability.

Represent security trade-offs around keeping data confidential, ensuring it’s correct, and making it available to those that need it.

Question 6

Describe encryption methods

Answer 6

• Symmetric (same key) and Asymmetric (public + private key pairs)

Encryption of data can be ‘at rest’ and ‘in transit’,

Question 7

Describe hashing.

Answer 7

Algorithm for converting plain text to a unique fixed-length hash value. The hash value serves as a unique identifier of the original text without needing to store the original text. e.g. used for storing passwords securely.

Question 8

Describe Identity.

Answer 8

How someone or something can be authenticated and verified to be who they say they are.

Question 9

Define identity as the security perimeter

Answer 9

The on-prem network is no longer the security perimeter. you now have e.g.

• SaaS applications hosted outside of the network
• BYOD accessing the network from home.
• Unmanaged devices from partners collaborating with employees.
• IoT devices in corporate networks and customer locations.

Question 10

Describe the four pillars of IAM

Answer 10

• Administration (manage how and when to create, update. delete identities)
• AuthN (how much assurance)
• AuthZ (determine access)
• Auditing (tracking who does what, when, where, and how)

Question 11

Describe modern authentication and the role of the identity provider

Answer 11

AuthN and AuthZ methods between client and server with the IdP.

Central IdP enables SSO, federation.

Question 12

Describe federated services

Answer 12

Federation enables access across domains by establishing trust relationships between identity providers.

Question 13

Describe compliance concepts of data residency, sovereignty, and privacy

Answer 13

Residency: where data can be stored, processed.

Sovereignty: data subject to laws where it is collected, held, processed.

Privacy: notice and transparency about collection, use, sharing of personal data.

Question 14

Describe the shared responsibility model

Answer 14

Identifies which tasks are customers responsibility and which are the cloud providers.

Info and data, devices, and accounts and identities are always the customer’s responsibility.

Question 15

Define authentication and authorization

Answer 15

Authentication: proving a person is who they say they are

Authorization: determines the level of access or permissions