Sec + 3 Flashcards
(32 cards)
What is VM sprawl? How to prevent it?
VM getting too big to protect.
Access control, segmentation.
What is a cloud access security broker?
Fosters relationship between business and the cloud
Supply chain problems
Bad provider
Bad hardware
Bad software
Weak configs
What is session replay, and how to prevent it?
Stealing tokens, like cookies, to use later. Kerberos prevents it.
What is a collision attack?
2 docs with the same hash: 1 malicious, 1 benign. The benign one is signed and then switched with the malicious one.
Ways to segment systems
- Physical
- VLAN
- Subnetting
- Micro-segmentation
Hardening techniques in general
Encryption
Continuous monitoring
Threat detection
Alert generation
Response and remediation
Real time threat mitigation
Endpoints visibility
Firewall
IPS, IDS
Disable unused ports
Removal of unnecessary software and hardware
How to secure a network?
Firewalls
ACLs
IDS, IPS
SIEM
How to secure endpoints
- Anti-virus
- EDR
- Mobile device management (MDM)
- Multi-factor ID (MFA)
What is a community cloud?
Multiple companies share a cloud.
What are the 5 cloud services?
- IaaS, infrastructure. Gives most control
- SaaS, software as a service hosts an app like Salesforce
- PaaS, platform, tools to build apps
- SaaS, security
- XaaS, anything.
Vendor security issues
Company vulnerabilities
Software vulnerabilities
Compliance challenges
Vendor downtime or problems
What is IaC?
Infrastructure as code. Resources are managed and provisioned with code. This allows automation to eliminate the need for manual work.
IoT problems?
No standardization
Data privacy concerns
Unsecured communication
Lifecycle management
Physical attacks
Supply chain risks
User awareness
What is a software defined wide area network?
Encrypting data across the WAN
2 Load balancer states
- Active/active. Many working together. If 1 fails the others take over.
- Active/passive. Passive takes over when Active fails
What is clustering?
Grouping multiple servers or nodes together to operate as a single system.
How does clustering work?
Has an active node and a passive node that share a disk, called a quorum. A witness server watches, with a heartbeat communicator and a virtual IP, to see if the active node goes down.
What is local redundant storage?
3 copies in single zone.
What is zone redundant storage?
3 copies in 3 zones in same region
What is georedundant storage?
Storing in three separate regions
What are the benefits of platform diversity?
Redundancy
Adaptability
Threat resilience
Enhanced recovery
Compliance
Benefits of multi cloud systems?
Less downtime
Flexibility and choice
Cost optimization
Avoid vendor lock-in
Downside of multi cloud systems?
Complexity
Security and compliance
Cost
Integration