3.0 FlashC


1

Responsibility Matrix

  • Definition: A framework that defines which parties (such as an organization and a service provider) are responsible for specific security tasks in a shared environment.

  • Example: A company using cloud storage follows a structured plan where the cloud provider manages hardware security while the business is responsible for data encryption and user access controls.

2

Hybrid Considerations

  • Definition: Security challenges and strategies involved in environments that combine both cloud and on-premises infrastructure.

  • Example: A business runs its customer database in a local data center but uses an online platform for web applications, requiring secure connections between the two environments.

3

Third-Party Vendors

  • Definition: External companies that provide products or services, including software, hardware, or IT support, to an organization.

  • Example: A business contracts an external provider to manage network security and implement threat detection systems.

4

Infrastructure as Code (IaC)

  • Definition: Managing and provisioning infrastructure (servers, networks, cloud resources) from machine-readable definition files that are versioned and applied automatically, instead of configuring systems by hand. Because the files are the source of truth, they can be code-reviewed and scanned for misconfigurations before anything is deployed.

  • Example: A development team uses a script to automatically deploy and configure virtual machines, ensuring consistency across all environments.

5

Serverless

  • Definition: A cloud-based computing model where the provider manages infrastructure, and developers only focus on writing and running code.

  • Example: A company hosts an event-driven function that automatically processes data whenever a file is uploaded, without needing to maintain a dedicated server.

6

Microservices

  • Definition: A software architecture that breaks applications into small, independent services that communicate with each other.

  • Example: An online retail system has separate components for user accounts, payments, and inventory, allowing independent updates without affecting the entire application.

7

Network Infrastructure

  • Definition: The physical and virtual components that support network communication, including routers, switches, firewalls, and cloud networking.

  • Example: A company sets up multiple layers of security devices to filter incoming traffic and protect internal systems.

8

Physical Isolation

  • Definition: The separation of a system or network from external access to enhance security.

  • Example: A research lab keeps its sensitive projects on computers that are not connected to the internet to prevent unauthorized access.

9

Air-Gapped Systems

  • Definition: A system or network with no wired or wireless connection to any external network, so an attacker cannot reach it over the network at all. Removable media, maintenance laptops and supply-chain components remain a path in, so an air gap still needs media and physical-access controls.

  • Example: A government agency stores classified documents on a computer that has no internet access and is not connected to any external network.

10
Logical Segmentation

  • Definition: The division of a network into isolated sections using software controls (VLANs, subnets with access control lists, host or virtual firewalls) instead of physical barriers.

  • Example: A financial company restricts its accounting department’s systems from accessing the software development team’s environment to prevent unauthorized data exposure.

11

Software-Defined Networking (SDN)

  • Definition: A network architecture that separates the control plane (decides how traffic is forwarded) from the data plane (forwards it), so a central controller can program switches and routers dynamically through software.

  • Example: A company uses a centralized system to automatically adjust network settings and reroute traffic based on demand, improving efficiency and security.

12

On-Premises

  • Definition: Computing infrastructure that is physically located within an organization's facility rather than being hosted by an external provider.

  • Example: A financial institution stores sensitive customer data on locally managed servers within its data center for greater control and security.

13

Centralized vs. Decentralized

  • Definition: A comparison between systems where control is maintained from a single authority versus those that distribute responsibilities across multiple locations.

  • Example: A corporation uses a centralized identity management system where all user access is controlled from a single directory, while a blockchain network operates in a decentralized manner with no single controlling entity.

14

Containerization

  • Definition: Packaging an application and its dependencies into a lightweight, portable unit that runs the same way on any host with a compatible container runtime. Containers share the host kernel, so they isolate less strongly than virtual machines.

  • Example: A development team deploys a web application using separate, isolated packages for its database, front-end, and backend services, ensuring consistency across different computing environments

15

Virtualization

  • Definition: Running multiple virtual machines, each with its own operating system, on a single physical system under a hypervisor to maximize resource efficiency.

  • Example: A company runs multiple operating systems on a single physical server, allowing different teams to test applications without needing separate hardware.

16

Internet of Things (IoT)

  • Definition: A network of connected smart devices that collect and share data over the internet.

  • Example: A manufacturing facility monitors production efficiency using connected sensors that provide real-time performance data.

17

Industrial Control Systems (ICS) / Supervisory Control and Data Acquisition (SCADA)

  • Definition: Specialized systems used to manage and automate industrial operations such as power grids, water treatment plants, and factories.

  • Example: A utility company remotely controls and monitors its electrical grid using a digital system designed for real-time adjustments.

18

Real-Time Operating System (RTOS)

  • Definition: A software system that processes data and executes tasks within strict timing constraints, often used in embedded systems.

  • Example: An autonomous vehicle uses a specialized software environment to ensure instant response times for braking and obstacle detection.

19

Embedded Systems

  • Definition: Computing components that are integrated into a larger device and designed to perform dedicated tasks.

  • Example: A smart thermostat includes a built-in processor that regulates temperature settings based on user preferences.

20

High Availability

  • Definition: A design approach that ensures systems remain operational with minimal downtime by incorporating redundancy and failover mechanisms.

  • Example: A cloud-based streaming service runs on multiple servers, so if one fails, another automatically takes over to keep services running smoothly.

21

Availability

  • Definition: Ensuring that systems, applications, and data are accessible when needed, with minimal downtime.

  • Example: A cloud service provider implements redundant servers to keep applications running even if one fails.

22

Resilience

  • Definition: The ability of a system to withstand and recover from failures, attacks, or other disruptions.

  • Example: A bank’s transaction system continues operating during a cyberattack due to built-in failover mechanisms.

23

Cost

  • Definition: The financial investment required for infrastructure, security, maintenance, and scalability.

  • Example: A business chooses a cloud provider that offers a pay-as-you-go model to minimize upfront expenses.

24

Responsiveness

  • Definition: The speed at which a system reacts to user requests or changes in workload.

  • Example: An online retailer’s website automatically adjusts server capacity during peak shopping hours to handle increased traffic.

25

Scalability

  • Definition: The ability of a system to expand or contract based on demand without affecting performance.

  • Example: A video streaming platform adds more server capacity as more users subscribe to its service.

26

Ease of Deployment

  • Definition: How quickly and efficiently a system or application can be set up and configured.

  • Example: A company deploys a new web application in minutes using an automated cloud infrastructure.

27

Risk Transference

  • Definition: Shifting the financial impact of a risk to a third party, such as an insurer or a service provider bound by contract. The organization remains accountable for the risk and for its regulatory obligations; only part of the cost moves.

  • Example: A business purchases a cybersecurity insurance policy to cover financial losses from a potential data breach.

28

Ease of Recovery

  • Definition: How quickly a system can restore normal operations after a failure or attack.

  • Example: A company uses automatic daily backups, allowing it to quickly restore lost data after a ransomware attack.

29

Patch Availability

  • Definition: The frequency and speed at which security updates or software fixes are provided by vendors.

  • Example: A mobile operating system releases monthly security updates to protect against new vulnerabilities.

30

Inability to Patch

  • Definition: A situation where software or hardware cannot be updated because of compatibility issues, certification requirements, or lack of vendor support, so compensating controls (network isolation, monitoring, strict access control) must stand in for the missing patch.

  • Example: A hospital continues using outdated medical devices that cannot receive security updates, increasing the risk of exploitation.

31

Power

  • Definition: The energy requirements of a system, including backup power solutions to prevent outages.

  • Example: A data center uses backup generators to keep operations running during a power failure.

32

Compute

  • Definition: The processing power and resources required for a system to function efficiently.

  • Example: A company provisions high-performance virtual machines to support artificial intelligence workloads.

33

Third-Party Mobile Device Management (MDM)

  • Definition: A security solution provided by an external vendor that allows organizations to remotely manage, monitor, and secure employee devices.

  • Example: A company uses an external platform to enforce security policies on employee smartphones, such as requiring encryption and blocking unauthorized apps.

34

Zone Redundancy

  • Definition: A strategy that keeps a service available by running it across multiple availability zones (physically separate data centers within one region, each with independent power, cooling and networking), so that the loss of a single zone is not a single point of failure. Spreading across regions adds geographic redundancy on top of this.

  • Example: A company runs its application servers and database replicas in two zones of a cloud region, so if one zone's data center fails, traffic is served from the other without downtime.

35

Device Placement

  • Definition: The strategic positioning of hardware and network components to maximize security and efficiency.

  • Example: A company places its firewalls at the network perimeter and intrusion detection systems within internal networks to monitor for threats.

36

Security Zones

  • Definition: Segmented areas within a network with different security levels to control access and reduce risks.

  • Example: A business separates public-facing web servers from internal databases using a demilitarized zone (DMZ, also called a screened subnet) so that external users never reach the internal network directly.

37

Attack Surface

  • Definition: The set of all points (open ports, running services, APIs, user inputs, accounts, physical access) where an attacker could try to enter a system or extract data from it.

  • Example: A company reduces its exposure by closing unnecessary ports and disabling unused services on its servers.

38

Connectivity

  • Definition: The way devices and networks are linked to communicate securely and efficiently.

  • Example: A remote workforce uses a virtual private network (VPN) to securely access company resources from different locations.

39

Fail-Open

  • Definition: A system keeps operating and permits access or traffic when a component fails, favouring availability over security.

  • Example: A firewall fails and allows all traffic instead of blocking it, leaving the network vulnerable.

40

Fail-Closed

  • Definition: A system blocks access or shuts down when a failure occurs, favouring security over availability.

    • Example: A biometric access system denies entry at all doors when it detects an authentication system failure, preventing unauthorized entry (exits still open, since life-safety codes require egress).
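
The two failure modes side by side, as an added example that is not part of the original flashcards. The policy table, the simulated outage and the requests are all constructed; the point is how each variant answers when the component that makes the decision breaks.

```python
"""Fail-open versus fail-closed when the policy backend is unreachable.

Added example, not taken from the original flashcards. The policy table,
the simulated outage and the requests are constructed.
"""
from dataclasses import dataclass
from typing import Dict, Tuple


class PolicyBackendError(Exception):
    """The policy store (directory, policy engine, ...) could not be queried."""


@dataclass(frozen=True)
class Request:
    user: str
    resource: str


# Constructed policy: (user, resource) -> allowed. Anything absent is denied.
POLICY: Dict[Tuple[str, str], bool] = {
    ("alice", "server-room"): True,
    ("bob", "server-room"): False,
}


def lookup(req: Request, backend_up: bool = True) -> bool:
    """Query the policy store; raise when it is down instead of guessing."""
    if not backend_up:
        raise PolicyBackendError("policy store unreachable")
    return POLICY.get((req.user, req.resource), False)


def authorize_fail_open(req: Request, backend_up: bool = True) -> bool:
    """Fail-open: a failure in the decision path becomes 'allow'.
    Availability is kept, but anyone who arrives during the outage (or who
    can cause it) gets through."""
    try:
        return lookup(req, backend_up)
    except PolicyBackendError:
        return True


def authorize_fail_closed(req: Request, backend_up: bool = True) -> bool:
    """Fail-closed: a failure in the decision path becomes 'deny'.
    Nobody gets through until the backend is restored, which is the right
    default for a door lock or a firewall in front of sensitive assets."""
    try:
        return lookup(req, backend_up)
    except PolicyBackendError:
        return False


if __name__ == "__main__":
    intruder = Request("mallory", "server-room")
    for name, fn in (("fail-open", authorize_fail_open),
                     ("fail-closed", authorize_fail_closed)):
        print(f"{name}: backend up -> {fn(intruder)}, "
              f"backend down -> {fn(intruder, backend_up=False)}")
```

The choice is made per control: a passive sensor that only observes can fail open without harm, while anything that enforces access should fail closed unless an outage is demonstrably worse than temporary exposure.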

41

Active Monitoring

Proactively tests system performance and security with synthetic transactions. Example: An online store sends test purchases to verify the checkout process.

42

Passive Monitoring

Observes real user data and traffic to identify security threats. Example: An online store analyzes actual customer behavior to detect suspicious activities.

43

Inline Monitoring

Involves placing monitoring tools directly in the path of network traffic. This allows for real-time analysis and intervention but can introduce latency and potential points of failure.

Example: Firewalls are typically placed inline to inspect and filter traffic as it passes through.

44

TAP/Monitor

A network TAP is a hardware device inserted into a link that passively copies traffic for monitoring without affecting the flow of data; a monitor (SPAN or mirror) port does the same in software on a switch. A TAP gives a complete, accurate capture but requires physical installation; a monitor port is easier to set up but can drop copied packets when the switch is busy.

Example: A TAP device is inserted between two network devices to duplicate traffic for analysis.

45

Jump Server

A specially secured device used to access and manage critical systems remotely.

  • Example: An administrator connects to a secured management system through a single controlled access point rather than accessing it directly.

46

Proxy Server

A system that acts as an intermediary between users and the internet, enhancing security and anonymity.

  • Example: A company routes employee web traffic through a filtering system that blocks malicious sites.

47

Intrusion Detection System (IDS)

Monitors network traffic for suspicious activity and alerts administrators when potential threats are detected. It does not take direct action to stop the threats; it only identifies and reports them.

Example: IDS detects an unusual spike in traffic indicating a possible DDoS attack and notifies the security team.

48

Intrusion Prevention System (IPS)

Monitors and detects suspicious activity like an IDS, but sits inline in the traffic path and blocks or drops threats in real time. Because it is inline, a false positive blocks legitimate traffic and a device failure can interrupt the link.

Example: IPS detects and automatically blocks a malicious traffic attempt from accessing the network.
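
The IDS and IPS cards above, run as detection logic over a constructed connection log; this is an added example, not part of the original flashcards. The log lines, threshold and window are made up, and only a simple rate rule is shown where a real product would also match signatures and protocol anomalies.

```python
"""IDS versus IPS behaviour on the same constructed connection log.

Added example, not taken from the original flashcards. The log lines, the
threshold and the window are constructed; a real IDS/IPS also matches
signatures and protocol anomalies, while this shows only a rate rule.
"""
from collections import defaultdict, deque
from typing import Deque, Dict, Iterator, List, Set, Tuple

# Constructed log, one connection per line: "<epoch-seconds> <src-ip> <dst-port>"
SAMPLE_LOG = """\
1000 198.51.100.7 443
1000 203.0.113.5 443
1001 203.0.113.5 443
1001 203.0.113.5 443
1002 203.0.113.5 443
1002 203.0.113.5 443
1003 198.51.100.7 443
1003 203.0.113.5 443
"""

Event = Tuple[int, str, int]


def parse(log: str) -> Iterator[Event]:
    for line in log.splitlines():
        ts, src, port = line.split()
        yield int(ts), src, int(port)


class RateRule:
    """Flags a source once it opens more than `threshold` connections
    within any `window`-second span (a crude flood/DoS indicator)."""

    def __init__(self, threshold: int = 4, window: int = 5) -> None:
        self.threshold, self.window = threshold, window
        self._recent: Dict[str, Deque[int]] = defaultdict(deque)

    def observe(self, ts: int, src: str) -> bool:
        q = self._recent[src]
        q.append(ts)
        while ts - q[0] > self.window:   # drop timestamps outside the window
            q.popleft()
        return len(q) > self.threshold


def ids_run(log: str, **rule_kw) -> List[Tuple[int, str]]:
    """IDS: out of band, sees a copy of the traffic. Every event still reaches
    the target; the output is only one alert per offending source."""
    rule, seen, alerts = RateRule(**rule_kw), set(), []
    for ts, src, _ in parse(log):
        if rule.observe(ts, src) and src not in seen:
            seen.add(src)
            alerts.append((ts, src))
    return alerts


def ips_run(log: str, **rule_kw) -> Tuple[List[Event], Set[str]]:
    """IPS: inline, in the traffic path. The event that trips the rule and
    everything after it from that source is dropped before reaching the
    target. Returns (delivered events, blocked sources)."""
    rule, blocked, delivered = RateRule(**rule_kw), set(), []
    for ts, src, port in parse(log):
        if src in blocked:
            continue                 # already dropped inline
        if rule.observe(ts, src):
            blocked.add(src)         # drop this event and all later ones
            continue
        delivered.append((ts, src, port))
    return delivered, blocked


if __name__ == "__main__":
    print("IDS alerts:", ids_run(SAMPLE_LOG))
    delivered, blocked = ips_run(SAMPLE_LOG)
    print("IPS delivered:", len(delivered), "blocked sources:", blocked)
```

The difference in cost is visible in the second function: a false positive on a shared address (a NAT gateway many users sit behind) cuts all of them off, which is why IPS rules are normally tuned in detect-only mode before enforcement is switched on.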

49

Load Balancer

A system that distributes traffic across multiple servers to ensure performance and reliability.

  • Example: A high-traffic e-commerce website evenly distributes incoming customer requests to multiple backend servers to prevent overload.

50
Sensors

  • Definition: Devices that monitor network traffic, system activity, or environmental factors to detect security threats.

  • Example: A data center uses temperature and motion detectors to prevent overheating and detect unauthorized access attempts.

51

Port Security

  • Definition: A switch feature that limits which devices may connect through a physical switch port, typically by restricting the number or the specific MAC addresses allowed on the port and shutting it down or dropping frames on a violation.

  • Example: A corporate network restricts connections to only approved employee devices to prevent rogue access.

52

802.1X

An IEEE standard for port-based network access control: a device (the supplicant) must authenticate through the switch or access point (the authenticator) to an authentication server (typically RADIUS) before it is given network access. EAP carries the authentication exchange between the device and the server.

  • Example: An office Wi-Fi network requires employees to log in with unique credentials before they can connect.

53

Extensible Authentication Protocol (EAP)

A framework, not a single protocol, that carries different authentication methods (certificates with EAP-TLS, a password inside a TLS tunnel with PEAP) between the device and the authentication server over 802.1X on wired and wireless networks. EAP itself provides no encryption; the method chosen does.

  • Example: A university uses a secure wireless login system where students authenticate with a digital certificate.

54

Web Application Firewall (WAF)

  • Protects web applications by filtering and monitoring HTTP traffic to prevent attacks like SQL injection and cross-site scripting.

    • Example: An online shopping website deploys a security solution that blocks suspicious user inputs to prevent hacking attempts.

55

Unified Threat Management (UTM)

A multi-function security system that includes firewall, antivirus, intrusion detection, and content filtering in one solution.

  • Example: A small business uses an all-in-one security appliance that scans for malware, filters web traffic, and blocks unauthorized access.

56

Next-Generation Firewall (NGFW)

An advanced security solution that includes deep packet inspection, intrusion prevention, and application awareness.

  • Example: A company deploys an advanced security system that detects and blocks sophisticated threats in real time.

57

Layer 4 (Transport) Firewall

Filters traffic based on IP addresses, ports and protocols (the TCP/UDP header and below) without reading the application data, so two services sharing the same port look identical to it.

  • Example: A router blocks all traffic on a specific port to prevent unauthorized services from running.

58

Layer 7 (Application) Firewall

Filters traffic based on application-level data, such as HTTP requests, DNS queries or FTP commands, which lets it distinguish applications and sites that share the same port and address.

  • Example: A corporate security system blocks access to streaming websites while allowing business-related traffic.
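
The Layer 4 and Layer 7 cards above applied to the same constructed traffic; this is an added example, not part of the original flashcards. The packets, the blocked port and the hypothetical hosts streaming.example and crm.example (assumed to share one IP behind a CDN) are all constructed, and that shared address is exactly the case a Layer 4 rule cannot separate.

```python
"""Layer 4 versus Layer 7 filtering on the same constructed traffic.

Added example, not taken from the original flashcards. The packets, the
blocked port list and the hypothetical hosts streaming.example and
crm.example (assumed to share one IP behind a CDN) are all constructed.
"""
from dataclasses import dataclass
from typing import FrozenSet, Optional


@dataclass(frozen=True)
class Packet:
    src_ip: str
    dst_ip: str
    dst_port: int
    proto: str            # "tcp" or "udp"
    payload: bytes = b""  # first bytes of the application data


def l4_allows(pkt: Packet,
              blocked_ports: FrozenSet[int] = frozenset({23}),
              blocked_ips: FrozenSet[str] = frozenset()) -> bool:
    """Layer 4 rule: decide on addresses, ports and protocol only.
    The payload is never read, so two sites on the same IP and port
    are indistinguishable here."""
    if pkt.proto not in ("tcp", "udp"):
        return False
    return pkt.dst_port not in blocked_ports and pkt.dst_ip not in blocked_ips


def http_host(payload: bytes) -> Optional[str]:
    """Pull the Host header out of a plaintext HTTP/1.1 request head;
    returns None for anything that is not parseable as such."""
    try:
        head = payload.decode("ascii")
    except UnicodeDecodeError:
        return None
    for line in head.split("\r\n")[1:]:   # skip the request line
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "host":
            return value.strip().lower()
    return None


def l7_allows(pkt: Packet,
              blocked_hosts: FrozenSet[str] = frozenset({"streaming.example"})) -> bool:
    """Layer 7 rule: everything Layer 4 checks, plus inspection of the
    application data the request carries."""
    if not l4_allows(pkt):
        return False
    host = http_host(pkt.payload)
    return host is None or host not in blocked_hosts


# Constructed traffic samples (addresses from documentation ranges).
TELNET = Packet("10.0.0.5", "10.0.0.9", 23, "tcp")
STREAM = Packet("10.0.0.5", "203.0.113.10", 80, "tcp",
                b"GET /watch HTTP/1.1\r\nHost: streaming.example\r\n\r\n")
CRM = Packet("10.0.0.5", "203.0.113.10", 80, "tcp",
             b"GET /accounts HTTP/1.1\r\nHost: crm.example\r\n\r\n")


def compare(pkt: Packet) -> dict:
    """Return both verdicts for one packet, e.g. {'l4': True, 'l7': False}."""
    return {"l4": l4_allows(pkt), "l7": l7_allows(pkt)}


if __name__ == "__main__":
    for name, pkt in (("telnet", TELNET), ("streaming", STREAM), ("crm", CRM)):
        print(name, compare(pkt))
```

With HTTPS the Host header is inside the TLS session, so a Layer 7 device must either read the SNI extension from the ClientHello or perform TLS inspection with a CA the clients trust; without one of those it degrades to the Layer 4 verdict.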

59

Virtual Private Network (VPN)

Encrypts internet connections to protect data transmitted between remote users and a corporate network.

Example: A remote employee securely accesses company files from home using an encrypted connection

60

Remote Access

The ability to connect to a network or system from a different location.

  • Example: An IT administrator logs into a corporate server from another city to perform updates.

61

Tunneling

A method of carrying one protocol's packets inside another so they can cross an intermediate network as if it were a direct link. Tunneling is usually combined with encryption (IPsec, TLS) so the carried traffic cannot be read in transit, but some tunnels, such as plain GRE, provide no confidentiality on their own.

  • Example: A site-to-site VPN encapsulates and encrypts traffic between two offices so it can cross the public internet as if both offices were on one private network.

62

Transport Layer Security (TLS)

A cryptographic protocol that secures online communications by encrypting data between a client and a server.

  • Example: A banking website ensures secure transactions by encrypting user data during login and payment processing.

63

Internet Protocol Security (IPSec)

  • Definition: A protocol suite that authenticates and encrypts traffic at the IP layer to prevent interception and tampering, using AH (integrity only) or ESP (confidentiality and integrity) in transport mode (host to host) or tunnel mode (site to site VPNs).

  • Example: A company secures communication between branch offices by encrypting traffic using a network security protocol, preventing unauthorized access.

64

Software-Defined Wide Area Network (SD-WAN)

  • A network management approach that uses software to intelligently route traffic across multiple connections for better performance and security.

  • Example: A multinational company connects its offices globally using a cloud-based solution that dynamically selects the best available internet path for data transmission, reducing costs and improving efficiency.

65

Secure Access Service Edge (SASE)

  • Definition: A security framework that combines wide-area networking and security services into a cloud-based solution to provide secure remote access.

  • Example: A business with remote workers implements a cloud-based solution that ensures encrypted connections, access controls, and threat monitoring across multiple locations.

66

Regulated Data

  • Definition: Information governed by legal or industry regulations that require strict protection and compliance.

  • Example: A healthcare provider encrypts patient medical records to comply with data privacy laws and prevent unauthorized access.

67

Trade Secret

  • Definition: Confidential business information that provides a competitive advantage and must be protected from disclosure.

  • Example: A technology company safeguards its proprietary software algorithms to prevent competitors from replicating its innovations.

68

Intellectual Property

  • Definition: Legally protected creations of the mind, such as patents, copyrights, and trademarks.

  • Example: A movie studio prevents the unauthorized distribution of its newly released film by using digital rights management (DRM) technology.

69

Legal Information

  • Definition: Documents and records related to contracts, compliance, and regulatory matters that require secure storage.

  • Example: A law firm securely stores signed contracts and court documents in an encrypted document management system.

70

Financial Information

  • Definition: Data related to monetary transactions, including banking records, credit card details, and financial reports.

  • Example: An online payment service encrypts customer credit card information to protect against fraud and data breaches.

71

Human-Readable and Non-Human-Readable Data

  • Definition: Data that can be interpreted directly by people versus data that requires processing by machines.

  • Example: A user can read a PDF invoice, but an encoded binary file used for software execution must be processed by a computer before interpretation.

72

Sensitive Data

  • Definition: Information that requires protection due to privacy, security, or regulatory concerns.

  • Example: A government agency restricts access to personnel records to authorized employees only to prevent data leaks

73

Confidential Data

  • Definition: Information that is restricted to specific individuals or groups to prevent unauthorized disclosure.

  • Example: A corporate HR department encrypts employee salary records to ensure that only approved personnel can access them.

74

Public Data

  • Definition: Information that is openly available to anyone and does not require protection.

  • Example: A government agency publishes a report on population statistics that is accessible to the public.

75

Restricted Data

  • Definition: Information that has limited access and requires authorization to be viewed or shared.

  • Example: A university restricts access to student exam results so that only faculty members and the student can view them.

76

Private Data

  • Definition: Personal or confidential information that is protected to maintain privacy and prevent unauthorized access.

  • Example: A social media platform encrypts user messages to ensure that only the sender and recipient can read them.

77

Critical Data

  • Definition: Essential information that, if lost or compromised, would severely impact business operations or security.

  • Example: A financial institution secures its transaction records with multiple backups to prevent loss due to cyberattacks.

78

Data at Rest

  • Definition: Information stored on physical or digital media that is not actively being used or transferred.

  • Example: A company encrypts stored customer records on its database to prevent unauthorized access.

79

Data in Transit

  • Definition: Information being transferred from one location to another over a network.

  • Example: A secure payment gateway encrypts credit card details while processing an online transaction.

80

Data Sovereignty

  • Definition: The principle that data is subject to the laws of the country in which it is stored or processed, and the resulting legal and regulatory requirements on where information may be kept.

  • Example: A cloud storage provider ensures that European customer data is stored within the EU to comply with data protection laws.

81

Data in Use

  • Definition: Information that is actively being processed, modified, or accessed by an application or user.

  • Example: An employee works on a confidential financial spreadsheet that is temporarily stored in system memory.

82

Geolocation

  • Definition: The identification of a device or user’s physical location based on GPS, IP address, or network information.

  • Example: A banking app requires additional authentication if a customer attempts to log in from an unfamiliar country.

83

Geographic Restrictions

  • Definition: Limiting access to data based on the physical location of users or systems to prevent unauthorized access from certain regions.

  • Example: An online banking service blocks logins from foreign countries unless pre-approved by the account holder.

84

Encryption

  • Definition: Converting data into an unreadable format using cryptographic techniques to protect it from unauthorized access.

  • Example: A healthcare provider encrypts patient records so they can only be accessed with a secure decryption key.

85

Hashing

  • Definition: A one-way function that converts data of any size into a fixed-length digest. The same input always gives the same digest and any change to the input changes it, which makes hashes useful for verifying integrity; unlike encryption, there is no key and no way to recover the input.

  • Example: A website stores user passwords as salted hashes produced by a deliberately slow algorithm (bcrypt, Argon2 or PBKDF2), so attackers cannot easily recover the passwords if the database is breached.

86

Masking

  • Definition: Concealing portions of sensitive data to protect it while still allowing limited visibility for legitimate use.

  • Example: A customer service portal displays only the last four digits of a credit card number for security reasons.

87

Tokenization

  • Definition: Replacing sensitive data with a unique identifier (token) that has no exploitable value.

  • Example: A payment processor substitutes actual credit card numbers with random tokens to prevent exposure during transactions.
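
The hashing, masking and tokenization cards above applied to one constructed customer record, as an added example that is not part of the original flashcards. The card number and password are test values, the in-memory vault stands in for what would be a separate hardened service in production, and the "tok_" token format is an assumption.

```python
"""Hashing, masking and tokenization applied to one constructed customer record.

Added example, not taken from the original flashcards. The card number,
password and the in-memory vault are constructed; in production the vault is
a separate hardened service, and the "tok_" token format is an assumption.
"""
import hashlib
import hmac
import os
import secrets
from typing import Dict, Optional, Tuple

PBKDF2_ITERATIONS = 600_000   # order of magnitude OWASP recommends for PBKDF2-HMAC-SHA256


# --- Hashing: one-way, fixed-length, deterministic -------------------------
def integrity_digest(data: bytes) -> str:
    """SHA-256 hex digest for integrity checks (fast; never use alone for passwords)."""
    return hashlib.sha256(data).hexdigest()


def hash_password(password: str, salt: Optional[bytes] = None,
                  iterations: int = PBKDF2_ITERATIONS) -> Tuple[bytes, bytes]:
    """Salted, deliberately slow password hash; returns (salt, digest).
    A fresh random salt per user defeats precomputed (rainbow) tables."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return salt, digest


def verify_password(password: str, salt: bytes, stored: bytes,
                    iterations: int = PBKDF2_ITERATIONS) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    _, candidate = hash_password(password, salt, iterations)
    return hmac.compare_digest(candidate, stored)


# --- Masking: show only what the viewer needs; not reversible ---------------
def mask_pan(pan: str, visible: int = 4) -> str:
    """Replace every digit except the last `visible` ones with '*'."""
    digits = "".join(ch for ch in pan if ch.isdigit())
    return "*" * (len(digits) - visible) + digits[-visible:]


# --- Tokenization: random surrogate, real value kept only in the vault ------
class TokenVault:
    """Maps tokens to the values they stand for. Tokens carry no information
    about the original, so a leak of the token alone is harmless; the vault
    itself is the thing to protect."""

    def __init__(self) -> None:
        self._by_token: Dict[str, str] = {}

    def tokenize(self, value: str) -> str:
        token = "tok_" + secrets.token_hex(8)       # assumed token format
        self._by_token[token] = value
        return token

    def detokenize(self, token: str) -> str:
        return self._by_token[token]


if __name__ == "__main__":
    pan = "4111 1111 1111 1111"           # constructed test card number
    vault = TokenVault()
    token = vault.tokenize(pan)
    salt, digest = hash_password("correct horse battery staple")
    print("digest of record:", integrity_digest(pan.encode()))
    print("masked:", mask_pan(pan), " token:", token)
    print("password check:", verify_password("correct horse battery staple", salt, digest))
```

The three functions answer different questions: the digest tells you whether data changed, the mask lets a support agent confirm a card without seeing it, and the token lets downstream systems reference a card without ever holding the number, which is what takes them out of PCI scope.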

88

Obfuscation

  • Definition: Modifying data to make it difficult to understand or interpret without proper decoding.

  • Example: A software application obfuscates its source code to make reverse engineering harder; this slows analysis but does not prevent it, so it is not a substitute for real access controls.

89

Segmentation

  • Definition: Dividing data or networks into separate sections to limit access and minimize security risks.

  • Example: A company stores employee payroll data in a separate, restricted database that is not connected to other systems

90

Permission Restrictions

  • Definition: Controlling user access to data by defining specific privileges based on roles and responsibilities.

  • Example: An HR employee has permission to view salary details but cannot edit them, ensuring that only authorized personnel can make changes.

91

High Availability

  • Definition: Ensuring that systems and services remain operational with minimal downtime, even during failures or maintenance.

  • Example: A financial trading platform implements backup power supplies and redundant servers to maintain 24/7 uptime.

92

Load Balancing

Distributes network traffic across multiple servers to optimize performance and prevent overload.

  • Example: An e-commerce website uses a system that directs users to different servers based on traffic levels to keep response times fast.

93

Clustering

A group of servers working together as a single system to increase reliability and processing power.

  • Example: A hospital database runs on multiple interconnected machines, so if one fails, another takes over without service disruption.

94

Hot Site

  • A fully operational backup facility that can take over immediately in case of a disaster.

    • Example: A bank maintains an identical backup center with real-time data replication, allowing operations to continue instantly if the primary site goes down.

95

Cold Site

A backup location with infrastructure but no active systems, requiring setup before use.

  • Example: A company rents an empty office space with basic equipment that can be set up as a temporary workspace after a major disaster.

96

Warm Site

A partially configured backup location that requires some setup before becoming fully operational.

  • Example: A call center keeps backup servers and networking equipment at a secondary site, which can be brought online within a few hours if needed.

97

Geographic Dispersion

Distributing systems across multiple locations to ensure resilience against regional failures.

  • Example: A cloud provider hosts data across different continents, so if one data center fails, users are automatically redirected to another.

98

Platform Diversity

  • Definition: Using multiple types of hardware, operating systems, or software so that a single vulnerability or vendor outage cannot take down every system at once.

  • Example: A business runs its applications on both Linux and Windows servers to ensure compatibility and redundancy.

99

Multi-Cloud Systems

  • Definition: Using multiple cloud providers to distribute workloads and improve availability and flexibility.

  • Example: A media streaming service stores videos on different cloud platforms to ensure service continuity if one provider experiences downtime.

100

Continuity of Operations

  • Definition: The ability of an organization to maintain essential functions during and after a disruption.

  • Example: A government agency implements an emergency response plan that allows employees to work remotely during a natural disaster.
