Security Architecture

Question 1

RISO/IEC 27001

Answer 1

Global enterprises/companies. Information security management system (ISMS)

Question 2

NIST (CSF)

Answer 2

National Institute of Standards and Technology. Cybersecurity Framework. For U.S government. Best rick managment guidlines

Question 3

CIS Controls

Answer 3

Netowork, OS. Business. IT security teams (what rules they have in security)

Question 4

PCI-DSS

Answer 4

Payment Card Industry Data Security System. Protecting credit card transactions. Banks

Question 5

HIPAA

Answer 5

Health Insurance Portability & Accountability Act. Healthcare data security. Hospitals

Question 6

MITRE & CK

Answer 6

Rules for SOC teams, cyber threats analysts.

Question 7

5 Core functions of NIST

Answer 7

1. Identify
2. Protect.
3. Detect.
4. Respond
5. Recover

Question 8

Bell - LAPadula Model

Answer 8

enforces confidentiality (no read up, no write down). Military and goverment.

Question 9

Biba Model

Answer 9

Enforces integrity. no write up no read dow. Preventing low trust users

Question 10

Clark- Wilson Model

Answer 10

Ensures well-formed transactions & seperation of duties. Financial transactions

Question 11

Brewer-Nash Model (CHinese Wall)

Answer 11

Prevents conflicts of interests in data access (Financial and legal companies)

Question 12

MAC

Answer 12

Mandatory Access Control - restricts access based on security labels. Goverment/military

Question 13

DAC

Answer 13

Discretionary AC. User based permission control. WIndows file sharing

Question 14

RBAC

Answer 14

Role Based AC - access based on job positions. Companies.

Question 15

ABAC

Answer 15

Attribute-Based AC - location, device, risk level. Cloud security, dynamic access policies.

Question 16

CIA

Answer 16

Confidentiality - protects from unauthorized access
Integrity - data remains accurate and unaltered
Availability - data and system as accessible when needed

Question 17

Data Classification Levels

Answer 17

1. Public - no restrictions (marketings sites)
2. Internal Use Only - low risk (company polices
3. Confidential - restriced to specific groups in company
4. Highly Confidential - govermnet secrets, financial data

Question 18

Symetric encryption

Answer 18

Uses SINGLE (public) key. (AES-256 for file encrypting) (fast, less secure)

Question 19

Asymetric encryption

Answer 19

Uses a public and private key pair. RSA for email encryption.

public encrypts. private decrypts

Question 20

Transport Encryption

Answer 20

encrypts data in transit (TLS, SSL for web browsing)

Question 21

Disk encryption

Answer 21

encrypts data at rest (BitLocker, FileVault)

Question 22

DLP

Answer 22

Data Loss Prevention

Question 23

Endpoint DLP

Answer 23

protects data on DEVICES (blocks usb driverse, screnshots)

Question 24

Network DLP

Answer 24

monitoring data leaving the network

Question 25

Cloud DLP

Answer 25

no cloud leaks

Question 26

BDR

Answer 26

Backup and Disaster Recovery

Question 27

3-2-1 Rule

Answer 27

3 copies of data. 2 on different storage types (one cloud, second on sdd disk). third one is offsite.

Question 28

DRP (Disaster Recovery Plan)

Answer 28

Plan to recover from data loss events.

Question 29

Full Backup

Answer 29

Copies entire system (once a week)

Question 30

Incremental Backup

Answer 30

Saves only the changes from the last backup.

Question 31

Differential Backup

Answer 31

Saves all the changes since the last full backup

Question 32

Tokenization

Answer 32

replaces real data with tokens. (used in credit cards)

Question 33

Masking

Answer 33

hides parts of data. (only show last 4 digits of social security number)

Question 34

GDPR

Answer 34

General Data Protection Regulation - protects EU citizens data privacy.

Question 35

CCPA

Answer 35

California Consumer Privacy Act - granst california residents contorl over personal data.

Question 36

SOX

Answer 36

integrity of financial records for public comapnies

Question 37

RPO

Answer 37

Recovery Point Objective. Maximum data loss allowed. (how much data is allowed to be lost. Measure in time "we can only lose 30 min of data")

Question 38

RTO

Answer 38

Recovery Time Objective. Maximum downtime allowed.

Question 39

HA

Answer 39

High Availability. Ensures continious system availability through failover mechanisms.

Question 39

Redundancy

Answer 39

Having Backups systems in place (multiple data centers)

Question 40

IRP

Answer 40

Incident Response Planning. Documented procedues for responding to security procedures.

Question 41

Security awarness training

Answer 41

Train your employees to recognize threats

Question 42

ZTA

Answer 42

Zero Trust Architecture. Every access if verified.

Question 43

Disaster Recovery Plan Steps (DRP)

Answer 43

1. Risk Assessment - identify threats 2. Business Impact Analysis (BIA) - Evaluate impact of a disasters 3. Recovery Strategies - backup sollutions, failover systems, 4. Testing&Training - ensure rediness 5. Plan Maintenance - update the plan regularly based on learned lessons.

Question 44

Failover systems

Answer 44

automatically switch to a standby system in case of failure.

Question 45

Clustering

Answer 45

Many servers work together as a single system

Question 46

RAID

Answer 46

Redundant Array of Independent Disks. protects against disk failures

Question 47

Need to Know

Answer 47

Restricts access within a role if unnecessary