Thing i dont know Flashcards
(20 cards)
What DKIM
Allows sender to have domain name to authenticate they are sending it.
What is MTA
Mail Transfer agent is responsible for transferring and routing emails between servers and it does employ cryptographic signatures
What is DMARC?
It build within DKIM and SPF and only handles the mails doesn’t authenticate with SPF and DKIM
What is RPO
The maximum acceptable amount of data loss measured in time
What is MTBF
Measures the average operation period between failures
RTO
the amount of time it take to restore its data and business activities after the disaster has happened
What is technical debt?
this is when you choose quick and easy solutions rather than picking more scalable approaches
What is UTM
this when you use one cybersecurity solution for multiple security needs
Configuration enhancement
Does not allow user to make changes by applying predefined security rules
Difference between insider threat and shadow threat?
insider threats is within a company trying to misuse his access whereas a shadow threat is an unauthorized user who takes advantage of gaps within the security
UBA
this is cybersecurity technique which monitors activities to detect anomalies
time of use
this is when an attacker gets an opportunity to manipulate the file afters it creation but before it used by an application
EAP, ICMP and IPsec
EAP- a network access protocol which handles multiple authentication methods
ICMP- used by devices like router to send error messages like requested service is not available or could not reach router
IPSec- it helps to secure internet communication across an IP network by protecting the data through encryption and authentication
Email standards
SPF- This helps in preventing tricking (spoofing)because it allows domain owners to specify which mail servers are authorized send emails on their behalf.
SMTP- this is basically the protocol
What is AML and KYC
(Anti-Money Laundering) and (Know Your Customers) ensures that bank practices are in line with legal requirements
Backups
Continuous backups- this is instant backups
Weekly backups- this is done weekly
Daily - done at the end of the day
Key Stretching and Salting
Key stretching - it hashes the password to make it look longer and making it harder to brute force attack
Salting- it uses cryptography to add random data to the input of hash function to increase security
Difference between data owner, data controller and data processor
Data owner - defined all the policies and security requirement’s
Data controller - defines data processing purposes
Data processes- handles the data based on the data controller instructions
Key escrow
This is a copy of the cryptographic key given to a third party user if lost they have a spare key
