Network and Security Foundation (partial) D315

Description and Tags

Supplemental flashcards for the parts of the OA I did poorly on

70 Terms

1

Enterprise Networks

Utilizes dedicated devices for routing, firewalls, and switches, offering better performance and advanced configuration functionality for optimizing business-grade networks.

2

Switch

Primary device in a LAN that facilitates communication between devices, operates at Layer 2 of OSI, and uses MAC addresses to track traffic.

3

Cloud Computing

Provides an alternative for businesses to outsource IT infrastructure or software services to cloud providers, such as Google Drive or iCloud, offering scalability and cost-effective pay-as-you-go models.

4

Security Policies

Guidelines and rules set to protect information and technology assets, including Data Handling Policy, Password Policy, Acceptable Use Policy, Bring Your Own Device Policy, Privacy Policy, Least Privilege, Complete Mediation, and Separation of Privilege/Duties.

5

Least Privilege

Limits user rights and access control permissions to the minimum necessary for job performance, reducing insider threats, enhancing system stability, and streamlining compliance and auditing.

6

Complete Mediation

Ensures continuous permission checks for resource access, preventing unauthorized entry, and implements best practices like timeouts and account locks for security.

7

Separation of Privilege/Duties

Requires multiple individuals for critical tasks, preventing fraud and ensuring no single person can complete important actions alone.

8

Fail-Safe Defaults

Default to maximum security settings, access is denied by default, applies when handling errors and exceptions.

9

Economy of Mechanism

Keep security systems simple, use proven components, stick to essentials, add more components if needed.

10

Least Common Mechanism

Use separate resources for different users, prevent information leaks, minimize damage from breaches.

11

Human-centered Design

Design systems for ease of use, implement user-friendly security, focus on people and consider the whole system.

12

Psychological Acceptability

Keep security design simple and intuitive, use user-friendly authentication, integrate security into daily routines.

13

Open-design

Security shouldn't rely on secrecy, can be reviewed for improvement, should remain secure even if system workings are known.

14

Zero-trust

Distrust by default, verify everything.

15

Firewalls

Primary IT security device, filter traffic based on rules, can be hardware or software, provide network protection.

16

Encryption

The process of transforming information in a way that, ideally, only authorized parties can decode. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext.

17

Mitigation of Cyberattacks

Policies, standards, procedures, guidelines, foundational IT security policies, vulnerability and threat assessment.

18

Cloud Security

Also known as cloud computing security; a collection of security measures designed to protect cloud-based infrastructure, applications, and data.

19

Principles of Network Security Design

Common security policies, data handling policies, safeguarding data in transit, secure data disposal.

20

Password Policies

Policies that dictate the requirements for creating and managing passwords to enhance security.

21

Acceptable Use Policies (AUP)

Agreements detailing the appropriate use of corporate network access, specifying user permissions and restrictions.

22

Bring Your Own Device (BYOD)

Policy allowing employees to use personal devices for work purposes, with different access options.

23

Privacy Policy

Policy safeguarding intellectual property, personal information, and health data from unauthorized access.

24

Human Centered Design Principles

Design approach focusing on solving root issues, prioritizing people over technology, and iterative prototyping.

25

Least Privilege

Principle granting employees only the minimum access rights necessary for their tasks to reduce exposure and limit access.

26

Fail-safe defaults

System design ensuring safe states during failures, with explicit deny authorization by default.

27

Economy Of Mechanism

Security principle advocating for simplicity, use of trusted components, and removal of unnecessary services.

28

Zero Trust

Security model distrusting all clients and hosts, emphasizing multi-factor authentication and continuous authentication.

29

Complete Mediation

Security concept requiring authorization for system access every time, preventing bypass and managing sessions securely.

30

Open Design

Principle advocating for system security independent of design, ensuring robust security measures are in place.

31

Firewall Types

Different types like Packet Filtering, Stateful Inspection, and Application Proxy, each with specific functionalities.

32

Deployment Techniques

Various approaches like Border Firewall, Screened Subnet, Multilayered Firewalls, and Unified Threat Management for network protection.

33

IDS/IPS

Intrusion Detection/Prevention Systems categorized into Network and Host-based, active and passive, using signatures and heuristics for threat detection.

34

Encryption

Data protection method using keys to scramble and unscramble data, with symmetric and asymmetric encryption options.

35

Network Device Hardening

Strategies to secure network devices by limiting connectivity to sensitive resources and adding countermeasures.

36

Security Hardening

Approach involving layered security controls to protect data, network, and applications, with a focus on defense in depth.

37

Risk Mitigation Strategies

Techniques to reduce the likelihood or impact of threats, considering cost-effectiveness and risk profiles for decision-making.

38

Risk Appetite Types

Different levels of willingness to take risks, including Averse, Minimal, Cautious, Open, and Hungry.

39

Security Risk Identification

Involves assessing and implementing security measures, focusing on preventing vulnerabilities, and being integral to an organization's risk management process.

40

Access Control Models

Include Discretionary Access Control (DAC), Role-based Access Control (RBAC), Attribute-based Access Control (ABAC), Rule-based Access Control (RuBAC), and Context-based Access Control (CBAC).

41

Data Classification

Categorizes data into Sensitive, Confidential, Private, and Public based on the level of harm its release could cause.

42

Wi-Fi Security Protocols

Include Authentication, Encryption, Open System Authentication, Shared Key Authentication, and Extensible Authentication Methods for securing wireless networks.

43

Security Standards and Frameworks

Encompass various categories like Internal and External standards, with examples such as NIST, ISO, PCI, and COSO, aiming to align IT with business goals and manage risks effectively.

44

Wireless Attack Types

Involve Extensible Authentication Methods, Client-To-Client Attacks, and Denial Of Service (DoS) Attacks targeting WLANs with various methods like flooding network resources on different OSI model layers.

45

Unauthorized Access

Also known as unauthorized or illicit use attacks, involves adding an unauthorized device to a wireless network to gain access to the internet gateway or the wired network that an AP is connected to.

46

Interception Attacks

Attacks that involve listening in on network traffic for information, such as ARP spoofing (ARP resolves IP addresses to MAC addresses on TCP/IP networks).

47

Eavesdropping

A wireless attack method where an attacker listens in on network traffic for information, also known as sniffing, to steal data in transit over a network.

48

Deauthentication

A wireless attack method that involves taking someone off the network using deauthentication frames, which do not require encryption, only the MAC address.

49

Single Sign-On (SSO)

A system that provides users with a single login and password authentication requirement, requiring role-based access control for seamless authentication.

50

Access Control Policies

Include principles like least privilege, separation of duties, and no shared accounts, to ensure proper user identification, authentication, authorization, and accounting.

51

Security Governance

Defines how security is executed and controlled, ensuring alignment between security and business objectives, and is a subset of enterprise governance.

52

Compliance Laws and Regulations

Include acts like FISMA, SOX, GLBA, HIPAA, CIPA, and FERPA, which mandate security controls and privacy protection for various sectors.

53

GDPR

General Data Protection Regulation, a privacy law in the EU that standardizes privacy rules, applies to organizations dealing with EU citizens, and ensures the privacy of personal data.

54

PIPEDA

Personal Information Protection and Electronic Documents Act, a federal privacy law in Canada that governs the collection, use, and disclosure of personal information, emphasizing data protection principles.

55

Network Segregation

Dividing the network into smaller segments to enhance security.

56

Centralized Log Management

Collecting and analyzing logs in one location for better security monitoring.

57

Network Address Translation (NAT)

Translates private IP addresses in an internal network to a public IP address before packets are sent to an external network.

58

Honeypots and Honeynets

Deceptive tools to lure attackers and study their behavior.

59

Physical Security Measures

Safeguarding network devices and equipment physically.

60

Data Loss Prevention

Implementing solutions to prevent unauthorized data leakage.

61

Third-Party Security Assessment

Evaluation of network security by an external entity.

62

Incident Management Process

Procedures to handle and respond to security incidents.

63

Principle of Least Privilege

Granting minimal access rights necessary for tasks.

64

Defense in Depth

Layered security approach to protect against multiple threats.

65

Security Policy Implementation

Establishing rules and guidelines for network security.

66

Multi-Factor Authentication

Using multiple verification methods for user authentication.

67

Complex Password Policy

Enforcing strong password requirements for security.

68

User Activity Monitoring

Continuous tracking of user actions for security purposes.

69

Network Monitoring Tools

Software for observing network traffic and activities.

70

Regular Audits

Periodic reviews to assess and improve network security measures.