Overview of Digital Forensics and Zero Trust Architecture

23 Terms

Digital Forensics

Investigation of digital crimes to answer questions like who, what, when, where, why, and how.

Acquisition

Collect evidence while preserving its integrity.

Presentation

Report findings in simple terms for court or stakeholders.

Chain of Custody

Documentation of evidence handling to ensure its integrity during an investigation.

File Carving

Reassembling files based on their format and signature when metadata is unavailable.

Anti-Forensics Techniques

Methods used to hide or destroy evidence, such as file deletion, encryption, or steganography.

Zero Trust Architecture (ZTA)

A security model that assumes no user, device, or network is trusted by default. Verification is required for all access.

Core Principles of Zero Trust

Assume breach. Verify explicitly (identity, device, context). Implement least-privilege access.

Recovery

Extract data from evidence.

Analysis

Reconstruct events or identify contraband.

Microsegmentation

Dividing a network into isolated segments to limit the movement of attackers.

ZTA Deployment Models

Resource-Based: Secures individual resources. Enclave-Based: Groups similar resources into enclaves. Cloud-Routed: Secures cloud access.

Key ZTA Components

Policy Engine: Decides access based on policies. Policy Administrator: Enforces decisions. Policy Enforcement Point (PEP): The gatekeeper controlling resource access.

DevSecOps

A practice integrating development, security, and operations to deliver secure software faster.

Phases of the DevSecOps Lifecycle

Plan, Develop, Build, Test, Release, Deliver, Deploy, Operate, Monitor, Feedback.

Key Benefits of DevSecOps

Faster deployments. Reduced failure rates. Baked-in cybersecurity.

CI/CD in DevSecOps

Continuous Integration and Continuous Deployment to automate and streamline the software lifecycle.

Applications of AI in Cybersecurity

Threat detection through anomaly detection. Behavioral analysis of users and devices. Adaptive security that evolves with threats.

Adversarial Machine Learning

The use of AI to trick machine learning models, often used in attacks like deepfakes or AI-powered malware.

Challenges in Digital Forensics

Managing vast data volumes. Detecting anti-forensic techniques. Interpreting artifacts from evolving technologies.

Zero Trust Challenges

Insider threats. Subversion of decision-making processes. Balancing usability and strict access controls.

Key Takeaways in Digital Forensics

Every interaction leaves a digital trail. Recovery techniques may produce incomplete or extraneous data. Continuous learning is required to keep up with technological advancements.

Key Takeaways in ZTA

Trust is dynamic and context-driven. Focus on securing resources, not the network perimeter. Policies must be enforced uniformly across all access points.