Sec+ 701 Objective 3

0.0(0)
studied byStudied by 0 people
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
Card Sorting

1/116

flashcard set

Earn XP

Description and Tags

Terms from objective 3

Study Analytics
Name
Mastery
Learn
Test
Matching
Spaced

No study sessions yet.

117 Terms

1
New cards
Cloud
Delivery of computing services over the Internet.
2
New cards
Responsibility Matrix
Defines security responsibilities between provider and customer.
3
New cards
Hybrid Considerations
Combines on-premises, private, and public cloud services.
4
New cards
Third-party Vendors
Companies providing cloud services to businesses.
5
New cards
Infrastructure as Code
Management of infrastructure through code in DevOps.
6
New cards
Serverless Computing
Build applications without managing server infrastructure.
7
New cards
Microservices
Application structure as independent services communicating via APIs.
8
New cards
Network Infrastructure
Resources enabling network connectivity and operations.
9
New cards
Physical Isolation
Separates sensitive systems from other networks.
10
New cards
Air-Gapped
Network isolated from unsecured networks to prevent access.
11
New cards
Logical Segmentation
Segments networks using protocols despite shared infrastructure.
12
New cards
Software-Defined Networking (SDN)
Manages network services through abstraction of functionality.
13
New cards
On-Premises
Infrastructure hosted within an organization's physical facilities.
14
New cards
Centralized Architecture
Processing occurs at a single central location.
15
New cards
Decentralized Architecture
Data distributed across multiple locations for resilience.
16
New cards
Containerization
Encapsulates applications with dependencies in containers.
17
New cards
Virtualization
Creates virtual versions of resources on a single machine.
18
New cards
Server Virtualization
Partitions a physical server into multiple virtual servers.
19
New cards
Desktop Virtualization
Runs multiple desktop environments on one machine.
20
New cards

IoT (Internet of Things)

Network of interconnected devices collecting and sharing data. Usually devices connected to the internet.

21
New cards
Industrial Control Systems (ICS)
Systems controlling industrial processes and operations.
22
New cards
Supervisory Control and Data Acquisition (SCADA)
Gathers real-time data to control remote equipment.
23
New cards
Real-Time Operating System (RTOS)
Processes data with strict timing constraints.
24
New cards
Embedded Systems
Specialized systems performing dedicated functions.
25
New cards
High Availability Considerations
Systems designed for continuous operation without failure.
26
New cards
Device Placement
Strategic positioning of devices for security and efficiency.
27
New cards
Security Zones
Network segments categorized by security needs.
28
New cards
DMZ (Demilitarized Zone)
Hosts public services isolated from internal networks.
29
New cards
Internal Network
Contains trusted devices like workstations and databases.
30
New cards
Guest Network
Separate zone for visitors, isolated from internal systems.
31
New cards
Connectivity
Communication pathways linking devices within an organization.
32
New cards
Redundancy
Multiple paths ensuring connectivity during failures.
33
New cards
Bandwidth and Latency
Adequate bandwidth and low-latency for real-time services.
34
New cards
Failure Modes
Describes system behavior during failures.
35
New cards
Fail-Open
System continues operation, allowing all traffic.
36
New cards
Fail-Closed
System blocks all traffic to ensure security.
37
New cards
Device Attributes
Specific roles or characteristics of network devices.
38
New cards
Active Devices
Devices that monitor or control network traffic.
39
New cards
Passive Devices
Devices observing traffic without interference.
40
New cards
Inline Devices
Devices actively controlling traffic in the data path.
41
New cards
Tap/Monitor Devices
Observe traffic without interfering, used for logging.
42
New cards
Network Appliances
Dedicated devices for specific network functions.
43
New cards
Jump Server
Secured intermediary for accessing isolated networks.
44
New cards
Proxy Server
Intermediary server for filtering and anonymity.
45
New cards
Intrusion Prevention System (IPS)
Blocks suspicious activity in real-time.
46
New cards
Intrusion Detection System (IDS)
Monitors traffic for potential malicious activities.
47
New cards
Load Balancer
A device that distributes traffic across multiple servers.
48
New cards
Sensors
Monitor and detect network traffic patterns.
49
New cards
Port Security
Controls access to network ports and devices.
50
New cards
802.1X
Network access control protocol for device authentication.
51
New cards
Extensible Authentication Protocol (EAP)
Framework for various network authentication methods.
52
New cards
Firewalls
Control incoming and outgoing network traffic.
53
New cards
Web Application Firewall (WAF)
Filters HTTP/HTTPS traffic for web application security.
54
New cards
Unified Threat Management (UTM)
Integrates multiple security features into one device.
55
New cards
Next-Generation Firewall (NGFW)
Advanced firewall with deep packet inspection capabilities.
56
New cards
Layer 4 (Transport Layer)
Filters traffic based on IP addresses and ports.
57
New cards
Layer 7 (Application Layer)
Inspects traffic at the application layer.
58
New cards
Secure Communication/Access
Ensures data confidentiality and integrity during transmission.
59
New cards
Virtual Private Network (VPN)
Creates secure, encrypted connections over public networks.
60
New cards
Remote Access
Access systems from outside physical locations.
61
New cards
Tunneling
Encapsulates data packets for secure transmission.
62
New cards
Transport Layer Security (TLS)
Cryptographic protocol securing communications over networks.
63
New cards
Internet Protocol Security (IPSec)
Secures IP communications through authentication and encryption.
64
New cards
Software-Defined Wide Area Network (SD-WAN)
Manages WAN traffic using software for performance.
65
New cards
Secure Access Service Edge (SASE)
Combines networking and security services in the cloud.
66
New cards
Selection of Effective Controls
Choosing security measures based on organizational needs.
67
New cards
Regulatory Compliance
Ensuring controls meet industry and legal standards.
68
New cards
Regulated Data
Data subject to legal and regulatory requirements.
69
New cards
Trade Secret
Confidential business information providing competitive advantage.
70
New cards
Intellectual Property
Legally protected creations of the mind.
71
New cards
Legal Information
Data related to laws, regulations, and contracts.
72
New cards
Financial Information
Data related to financial status and transactions.
73
New cards
Human-readable Data
Formatted data easily interpretable by people.
74
New cards
Non-human-readable Data
Encoded data not directly interpretable by humans.
75
New cards
Data Classifications
Categorizing data based on sensitivity and importance.
76
New cards
Sensitive Data
Data that could cause significant harm if disclosed.
77
New cards
Confidential Data
Data intended to be kept private within an organization.
78
New cards
Public Data
Information accessible to anyone without restrictions.
79
New cards
Restricted Data
Information limited to specific individuals or groups.
80
New cards
Private Data
Data pertaining to individuals requiring protection.
81
New cards
Critical Data
Essential data for organizational operation and survival.
82
New cards
Data at Rest
Stored data not actively processed or transmitted.
83
New cards
Data in Transit
Data being transmitted over a network or channel.
84
New cards
Data in Use
Data actively processed, most vulnerable to access.
85
New cards
Data Sovereignty
Data subject to local laws where stored.
86
New cards
Geolocation
Determining the physical location of a device.
87
New cards
Hashing
Converts data into a fixed-length string for security.
88
New cards
Data Masking
Obscuring data elements to protect sensitive information.
89
New cards
Tokenization
Replaces sensitive data with non-sensitive placeholders.
90
New cards
Obfuscation
Making data unintelligible while retaining usability.
91
New cards
Segmentation
Dividing networks to limit access to sensitive data.
92
New cards
Load Balancing
Distributing traffic across multiple servers for efficiency.
93
New cards
Clustering
Grouping servers for redundancy and higher availability.
94
New cards
Hot Site
Fully operational backup site mirroring primary site.
95
New cards
Cold Site
Backup site with only physical infrastructure available.
96
New cards
Warm Site
Partially equipped backup site needing additional resources.
97
New cards
Geographic Dispersion
Distributing services across multiple physical locations.
98
New cards
Platform Diversity
Using various technologies to avoid vendor dependence.
99
New cards
Multi-cloud Systems
Using multiple cloud providers for redundancy.
100
New cards
Continuity of Operations
Ensuring critical functions remain operational after disruptions.