Explain Important System and Network Architecture Concepts

Question 1

System Hardening

Answer 1

A process of making a host or app configuration secure by reducing its attack surface, through running only necessary services, installing monitoring software to protect against malware and intrusions, and establishing a maintenance schedule to ensure the system is patched to be secure against software exploits.

Question 2

Containers

Answer 2

An operating system virtualization deployment containing everything required to run a service, application, or microservice.

Question 3

Microservices

Answer 3

A software architecture where components of the solution are conceived as highly decoupled services not dependent on a single platform type or technology.

Question 4

Application Virtualization

Answer 4

A software delivery model where the code runs a server and is streamed to a client

Question 5

Serverless

Answer 5

A software architecture that runs functions within virtualized runtime containers in a cloud rather than on dedicated server instances.

Question 6

Virtual Private Cloud(VPC)

Answer 6

A private network segment made available to a single cloud consumer on a public cloud.

Question 7

Software-Defined Networking(SDN)

Answer 7

APIs and compatible hardware/virtual appliances allowing for programmable network appliances and systems.

Question 8

Secure Access Service Edge(SASE)

Answer 8

A networking and security architecture that provides secure access to cloud applications and services while reducing complexity. It combines security services like firewalls, identity and access management, and secure web gateway with networking services such as SD-WAN.

Question 9

Out-of-Band Mechanisms

Answer 9

Use of a communication channel that is different than the one currently being used.

Question 10

In-band Authentication

Answer 10

Use of a communication channel that is the same as the one currently being used.

Question 11

Single Sign-On(SSO)

Answer 11

Authentication technology that enables a user to authenticate once and receive authorizations for multiple services.

Question 12

Privileged Access Management(PAM)

Answer 12

Policies, procedures, and support software for managing accounts and credentials with administrative permissions.

Question 13

Federation

Answer 13

A process that provides a shared login capability across multiple systems and enterprises. It essentially connects the identity management services of multiple systems.

Question 14

OpenID

Answer 14

An identity federation method that enables users to be authenticated on cooperating websites by a third-party authentication service.

Question 15

Security Assertion Markup Language(SAML)

Answer 15

An XML-based data format used to exchange authentication information between a client and a service.

Question 16

Simple Object Access Protocol(SOAP)

Answer 16

An XML-based web services protocol that is used to exchange messages.

Question 17

Cloud Access Security Broker(CASB)

Answer 17

Enterprise management software designed to mediate access to cloud services by users across all types of devices.

Question 18

Forward Proxy

Answer 18

A server that mediates the communications between a client and another server. It can filter and often modify communications as well as provide caching services to improve performance.

Question 19

Reverse Proxy

Answer 19

A type of proxy server that protects servers from direct contact with client requests.

Question 20

Data Loss Prevention(DLP)

Answer 20

A software solution that detects and prevents sensitive information from being stored on unauthorized systems or transmitted over unauthorized networks.

Question 21

Personally Identifiable Information(PII)

Answer 21

Data that can be used to identify or contact an individual (or, in the case of identity theft, to impersonate them).

Question 22

Protected Health Information(PHI)

Answer 22

Data that can be used to identify an individual and includes information about past, present, or future health, as well as related payments and data used in the operation of a healthcare business.

Question 23

Personal Identifiable Financial Information(PIFI)

Answer 23

Personal information about a consumer provided to a financial institution that can include account number, credit/debit card number, name, social security number and other information.

Question 24

Cardholder Data(CHD)

Answer 24

Any type of personally identifiable information (PII) associated with a person who has a payment card, such as a credit or debit card.

Question 25

Intellectual Property(IP)

Answer 25

Data that is of commercial value and can be granted rights of ownership, such as copyrights, patents, and trademarks.

Question 26

Public Key Infrastructure(PKI)

Answer 26

Framework of certificate authorities, digital certificates, software, services, and other cryptographic components deployed for the purpose of validating subject identities.

Question 27

Secure Socket Layer(SSL)

Answer 27

The original, obsolete version of the security protocol now developed as TLS.