Introduction to security, compliance, and identity concepts

0.0(0)
Studied by 0 people
call kaiCall Kai
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
GameKnowt Play
Card Sorting

1/23

encourage image

There's no tags or description

Looks like no tags are added yet.

Last updated 10:19 PM on 6/18/26
Name
Mastery
Learn
Test
Matching
Spaced
Call with Kai

No analytics yet

Send a link to your students to track their progress

24 Terms

1
New cards

Share responsibility

who is accountable for which parts of the security

2
New cards

on-premises

Organization control entire stack

3
New cards

Infrastructure as a Service (laaS)

you manages everything except hardware

4
New cards

Platform as a Service (PaaS)

you manage app and data

5
New cards

Software as a service (SaaS)

You control the least, responsible for access management

6
New cards

Defense in depth

multiple layers of protection; if one layer fails, another layer is there to stop the attack

7
New cards

Distributed denial of service (DDoS)

massive traffic from many differnt sources at the same time

8
New cards

network segmentation

dividing the network into isolated zones so that a compromise in one zone doesn't automatically expose everything else

9
New cards

zero trust

trust no one verify everything

10
New cards

Shadow IT

tech the security team can’t see, can’t control, and can’t protect.

11
New cards

security information and event management (SIEM)

collect, correlates, analyzes, an alets on logs (detects)

12
New cards

SOAR (Security Orchestration, Automation, and Response)

automates incident response (responds)

13
New cards

encryption

process of making data unreadable and unusable to unauthorized viewers.

14
New cards

Symmetric encryption

uses the same key to both encrypt and decrypt

15
New cards

Asymmetric encryption

uses pair key; public and private key

16
New cards

data residency

govern the physical locations where data can be stored and proccessed

17
New cards

Data sovereignty

data is subject to the laws and regulations of the country/region where it's physically collected, held, or processed.

18
New cards

credentials

evidence that verifies your identity

19
New cards

identity provider (IdP)

the gatekeeper that proves who you are.

20
New cards

Security Assertion Markup Language (SAML)

sign in once, access many apps

21
New cards

directory

repository that stores information about objects in a network, such as users, devices, groups, policies, and applications

22
New cards

Active Directory

manage on-premises, domain-based networks—giving administrators a centralized way to manage users, computers, and resources across the organization

23
New cards

Microsoft Entra ID

cloud-based identity and access management service

24
New cards

federation

enables access to services across organizational or domain boundaries by establishing trust relationships between separate identity providers.