Security Architecture Flashcards

(70 cards)

1
Q

Define Security Architecture

A

Design, structure, and behaviour of an organization’s information security environment

2
Q

On-Premises vs. Cloud Deployment

A

On-Premises
Traditional local infrastructure setup

Cloud
Delivery of computing services over the internet

3
Q

Cloud Security Considerations

A

• Shared Physical Server Vulnerabilities
• Inadequate Virtual Environment Security
• User Access Management
• Lack of Up-to-date Security Measures
• Single Point of Failure
• Weak Authentication and Encryption Practices
• Unclear Policies and Data Remnants

4
Q

Virtualization and Containerization

A

• Containerization benefits and risks
• Vulnerabilities like VM escape and resource reuse

5
Q

Serverless Computing

A

• Cloud provider manages server allocation
• Developers focus solely on writing code

6
Q

Microservices Architecture

A

• Collection of small, autonomous services
• Each performs a specific business process

7
Q

Software-Defined Network (SDN)

A

• Dynamic, programmatically efficient network configuration
• Improves network performance and monitoring

8
Q

Infrastructure as Code (IaC)

A

• Automation of managing and provisioning technology stack
• Software-driven setup instead of manual configuration

9
Q

Centralized vs. Decentralized Architectures

A

Benefits and risks of centralized and decentralized setups

10
Q

Internet of Things (IoT)

A

• Network of physical devices with sensors and connectivity
• Enables data exchange among connected objects

11
Q

Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) purpose

A

ICS
• For industrial production

SCADA
• Subset of ICS

12
Q

Embedded Systems

A

• Dedicated computer system designed for specific functions
• Part of a complete device system with hardware components

13
Q

Cloud Computing and its advantages

A

Delivery of computing services over the internet, including servers, storage, databases, networking, software, analytics, and intelligence

Advantages
• Faster innovation
• Flexible resources
• Economies of scale

14
Q

Responsibility Matrix

A

Outlines the division of responsibilities between the cloud service provider and the customer

15
Q

Third-Party Vendors

A

Provides specialized services to enhance functionality, security, and efficiency of cloud solutions

16
Q

Hybrid Solutions and considerations

A

Combined on-premises, private cloud, and public cloud services, allowing workload flexibility

Considerations
• Sensitive data is protected
• Regulatory requirements are met
• Systems can communicate with each other
• The solution is cost-effective

17
Q

On-Premise Solutions

A

Computing infrastructure physically located on-site at a business

18
Q

9 Key Considerations in Cloud Computing

A

1: Availability
• System’s ability to be accessed when needed

2: Resilience
• System’s ability to recover from failures

3: Cost
• Consider both upfront and long-term costs

4: Responsiveness
• Speed at which the system can adapt to demand

5: Scalability
• System’s ability to handle increased workloads

6: Ease of Deployment
• Cloud services are easier to set up than on-premises solutions

7: Risk Transference
• Some risks are transferred to the provider, but customers are responsible for security

8: Ease of Recovery
• Cloud services offer easy data recovery and backup solutions

9: Patch Availability
• Providers release patches for vulnerabilities automatically

19
Q

Cloud power

A

Cloud provider manages infrastructure, including power supply

Reduces customer costs and eliminates power management concerns

20
Q

Compute refers to

A

• Refers to computational resources, including CPUs, memory, and storage

• Cloud providers offer various compute options to suit different needs

21
Q

Key points to remember about cloud computing, on-premises solutions, and hybrid solutions

A

• Cloud computing offers flexibility, scalability, and cost-effectiveness
• On-premises solutions provide control and security but can be expensive and challenging to maintain
• Hybrid solutions offer flexibility and control but require considerations of security, compliance, interoperability, and cost

22
Q

Cloud security - Shared Physical Server Vulnerabilities and its mitigations

A

In cloud environments, multiple users share the same physical server

Compromised data from one user can potentially impact others on the same server

Mitigation
• Implement strong isolation mechanisms (e.g., hypervisor protection, secure multi-tenancy)
• Perform regular vulnerability scanning, and patch security gaps

23
Q

Cloud security - Inadequate Virtual Environment Security and its mitigation

A

Virtualization is essential in cloud computing

Inadequate security in the virtual environment can lead to unauthorized access and data breaches

Mitigation
• Use secure VM templates
• Regularly update and patch VMs
• Monitor for unusual activities
• Employ network segmentation to isolate VMs

24
Q

Cloud security - User Access Management

A

Weak user access management can result in unauthorized access to sensitive data and systems

Mitigation
• Enforce strong password policies
• Implement multi-factor authentication
• Limit user permissions (Principle of Least Privilege)
• Monitor user activities for suspicious behavior

25
Cloud security - Lack of Up-to-date Security Measures
Cloud environments are dynamic and require up-to-date security measures
Failure to update can leave systems vulnerable to new threats
Mitigation
• Regularly update and patch software and systems
• Review and update security policies
• Stay informed about the latest threats and best practices
26
Cloud Security - Single Point of Failure
Cloud services relying on specific resources or processes can lead to system-wide outages if they fail
Mitigation
• Implement redundancy and failover procedures
• Use multiple servers, data centers, or cloud providers
• Regularly test failover procedures
27
Cloud Security - Weak Authentication and Encryption Practices and mitigation
Weak authentication and encryption can expose cloud systems and data
Mitigation
• Use multi-factor authentication
• Strong encryption algorithms
• Secure key management practices
28
Cloud security - Unclear Policies and mitigation
Unclear security policies can lead to confusion and inconsistencies in implementing security measures
Mitigation
• Develop clear, comprehensive security policies covering data handling, access control, incident response, and more
• Regularly review and update policies and provide effective communication and training
29
Cloud security - Data Remnants and mitigation
Data remnants are residual data left behind after deletion or erasure processes
In a cloud environment, data may not be completely removed, posing a security risk
Mitigation
• Implement secure data deletion procedures
• Use secure deletion methods
• Manage backups securely
• Verify data removal after deletion
30
Define Virtualization
Emulates servers, each with its own OS within a virtual machine
31
Define Containerization and its benefits
Containerization is a lightweight alternative, encapsulating apps with their OS environment
Key Benefits
• Efficiency and Speed
• Portability
• Scalability
• Isolation
• Consistency
32
Two Types of Hypervisors
Type 1 (Bare Metal)
• Runs directly on hardware (e.g., Hyper-V, XenServer, ESXi)
Type 2 (Hosted)
• Operates within a standard OS (e.g., VirtualBox, VMware)
33
3 Virtualization Vulnerabilities
1: Virtual Machine (VM) Escape
• Attackers break out of isolated VMs to access the hypervisor
2: Privilege Elevation
• Unauthorized elevation to higher-level users
3: Live VM Migration
• Attacker captures unencrypted data between servers
34
Containerization Technologies
• Docker, Kubernetes, Red Hat OpenShift are popular containerization platforms
• Revolutionized application deployment in cloud environments
35
Securing Virtual Machines
• Regularly update OS, applications, and apply security patches
• Install antivirus solutions and software firewalls
• Use strong passwords and implement security policies
• Secure the hypervisor with manufacturer-released patches
• Limit VM connections to physical machines and isolate infected VMs
• Distribute VMs among multiple servers to prevent resource exhaustion
• Monitor VMs to prevent "Virtualization Sprawl"
• Enable encryption of VM files for data safety and confidentiality
36
What is Serverless?
Serverless computing doesn't mean no servers; it shifts server management away from developers
Relies on cloud service providers to handle server management, databases, and some application logic
37
Functions as a Service (FaaS) Model
Developers write and deploy individual functions triggered by events
38
Benefits of Serverless
• Reduced operational costs
• Pay only for compute time used, no charges when code is idle
39
Cloud - Automatic scaling
Cloud provider scales resources based on workload, ensuring optimal capacity
Focus on core product
• Developers can concentrate on application functionality, not server management
Faster time to market
• Reduced infrastructure concerns speed up application development
40
Serverless challenges and risks
Vendor Lock-in
• Reliance on proprietary interfaces limits flexibility and may increase costs
Immaturity of best practices
• Serverless is a relatively new field, and best practices are still evolving
41
Not a one-size-fits-all solution
Consider the specific needs and requirements of your application; serverless introduces challenges like Vendor Lock-in and service provider dependencies
42
Microservices
Architectural style for breaking down large applications into small, independent services
Each microservice runs a unique process and communicates through a well-defined, lightweight mechanism
Contrasts with traditional monolithic architecture, where all components are interconnected
Each service in the microservice architecture is self-contained and able to run independently
43
3 Advantages of Microservices
1: Scalability
• Services can be scaled independently based on demand
2: Flexibility
• Microservices can use different technologies and be managed by different teams
3: Resilience
• Isolation reduces the risk of system-wide failures
4: Faster Deployments and Updates
• Independent deployment and updates allow for agility and reduced deployment risk
44
4 challenges to microservices
1: Complexity
• Managing multiple services involves inter-service communication, data consistency, and distributed system testing
2: Data Management
• Each microservice can have its own database, leading to data consistency challenges
3: Network Latency
• Increased inter-service communication can result in network latency and slower response times
4: Security
• The distributed nature of microservices increases the attack surface, requiring robust security measures
45
Define Network Infrastructure
Backbone of modern organizations
Comprises hardware, software, services, and facilities for network support and management
46
Network Physical Separation
• Security measures to protect sensitive information
• Often referred to as "Air Gapping"
• Isolates a system by physically disconnecting it from all networks
• Physical separation is one of the most secure methods of security, but it is still vulnerable to sophisticated attacks
47
Logical Separation
• Establishes boundaries within a network to restrict access to certain areas
• Implemented using firewalls, VLANs, and network devices
48
Physical and logical separation comparison
Physical Separation (Air-Gapping)
• High security, complete isolation
Logical Separation
• More flexible, easier to implement
• Less secure if not configured properly
49
Software-Defined Network (SDN)
Revolutionary approach to network management
Enables dynamic, programmatically efficient network configuration
Improves network performance and monitoring
Reduces complexity in static and inflexible network architectures
Provides a centralized view of the entire network
50
Software-Defined Network (SDN) architecture
Decouples network control and forwarding functions
51
Three Distinct Planes in Software-Defined Network (SDN)
1: Data Plane (Forwarding Plane)
• Responsible for handling data packets
• Makes decisions based on protocols like IP and Ethernet
• Concerned with sending and receiving data
2: Control Plane
• Centralized decision-maker in SDN
• Dictates traffic flow across the entire network
• Replaces traditional, distributed router control planes
• Increases network manageability and flexibility
3: Application Plane
• Hosts all network applications that interact with the SDN controller
• Applications instruct the controller on network management
• Controller manipulates the network based on these instructions
52
Infrastructure as Code (IaC)
Modern approach to IT infrastructure management
Automates provisioning and management through code
Used in DevOps and with cloud computing
53
Infrastructure as Code (IaC) methods
Developers and ops teams manage infrastructure through code
Code files are versioned, tested, and audited
High-level languages like YAML, JSON, or domain-specific languages (e.g., HCL) used
Idempotence ensures identical environments
Idempotence means
• Operation consistently produces the same results
• Crucial for consistency and reliability in multiple environments
54
Infrastructure as Code (IaC) benefits
• Speed and Efficiency
• Consistency and Standardization
• Scalability
• Cost Savings
• Auditability and Compliance
55
3 Infrastructure as Code (IaC) challenges
1: Learning Curve
• New skills and mindset required
• Teams learn to write, test, and maintain infrastructure code
2: Complexity
• Infrastructure code can become complex
• Mitigated with modularization and documentation
3: Security Risks
• Sensitive data exposure in code files
• Insecure configurations may be introduced
56
Centralized Architecture components and its benefits and risks
Centralized Architecture
All computing functions managed from a single location or authority
Components
• Central Server
• Mainframe
• Data Center
• Data and applications stored in one place, accessed via a network
Benefits
• Efficiency and Control: High resource control and efficient resource allocation
• Consistency: Ensures uniform and accurate data across the organization
• Cost-effective: Reduced maintenance and infrastructure costs
Risks
• Single Point of Failure: Server failure can disrupt the entire network
• Scalability Issues: Struggles to handle growth, leading to performance problems
57
Decentralized Architecture benefits and risks
Decentralized Architecture
Computing functions distributed across multiple systems or locations
No single point of control; each node operates independently
Benefits
• Resilience: Can continue functioning despite individual node failures
• Scalability: Easily scales with organization growth by adding new nodes
• Flexibility: Supports remote work and distributed teams
Risks
• Vulnerable to security threats, especially in remote work scenarios
• Management Challenges: Complex management, coordinating multiple nodes
• Data Inconsistency: Potential issues with data consistency and synchronization
58
Considerations for Choosing Architecture
Choice depends on the organization's specific needs and context
Centralized systems for
• Data accuracy and resource management priorities
Decentralized systems for
• Resilience, flexibility, and rapid scaling needs
59
Define Internet of Things (IoT)
Network of physical devices with sensors, software, and connectivity
Enables data exchange among connected objects
60
IoT Hub/Control System
• Central component connecting IoT devices
• Collects, processes, analyzes data, and sends commands
• Can be a physical device or software platform
61
IoT Risks
Weak Default Settings
• Common security risk
• Default usernames/passwords are easy targets for hackers
• Changing defaults upon installation is essential
Poorly Configured Network Services
• Devices may have vulnerabilities due to open ports, unencrypted communications
• Unnecessary services can increase attack surface
• Keeping IoT devices on a separate network is recommended
62
Industrial Control Systems (ICS)
Systems used to monitor and control industrial processes, found in various industries like electrical, water, oil, gas, and data
63
Distributed Control Systems (DCS)
Used to control production systems within a single location
64
Programmable Logic Controllers (PLCs)
Used to control specific processes such as assembly lines and factories
65
Supervisory Control and Data Acquisition (SCADA) Systems and its risks/vulnerabilities
Type of ICS designed for monitoring and controlling geographically dispersed industrial processes
Common in industries like
• Electric power generation, transmission, and distribution systems
• Water treatment and distribution systems
• Oil and gas pipeline monitoring and control systems
Risks and Vulnerabilities
Unauthorized Access
• Unauthorized individuals can manipulate system operations without proper protection
Malware Attacks
• Vulnerable to disruptive malware attacks
Lack of Updates
• Running outdated software with unpatched vulnerabilities
Physical Threats
• Susceptible to damage to hardware or infrastructure
66
5 ways to secure Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) Systems
1: Implement Strong Access Controls
• Strong passwords
• Two-factor authentication
• Limited access to authorized personnel only
2: Regularly Update and Patch Systems
• Keep systems updated to protect against known vulnerabilities
3: Use Firewall and Intrusion Detection Systems
• Detect and prevent unauthorized access
4: Conduct Regular Security Audits
• Identify and address potential vulnerabilities through routine assessments
5: Employee Training
• Train employees on security awareness and response to potential threats
67
Real-Time Operating System (RTOS)
Designed for real-time applications that process data without significant delays
Critical for time-sensitive applications like flight navigation and medical equipment
68
4 Risks and Vulnerabilities in Embedded Systems
1: Hardware Failure
• Prone to failure in harsh environments
2: Software Bugs
• Can cause system malfunctions and safety risks
3: Security Vulnerabilities
• Vulnerable to cyber-attacks and unauthorized access
4: Outdated Systems
• Aging software and hardware can be more susceptible to attacks
69
Key Security Strategies for Embedded Systems
1: Network Segmentation
• Divide the network into segments to limit potential damage in case of a breach
2: Wrappers (e.g., IPSec)
• Protect data during transfer by hiding data interception points
3: Firmware Code Control
• Manage low-level software to maintain system integrity
4: Challenges in Patching
• Updates face operational constraints; OTA updates demand meticulous planning and security measures
5: Over-the-Air (OTA) Updates
• Patches are delivered and installed remotely
70