CyberRookie CSX Fundamentals - Section 3: Security Architecture Principles

Document Content and Description Below

Defense in depth Correct Answer: the practice of layering defenses to provide added protection Perimeter Correct Answer: a well-defined (if mostly virtual) boundary between the organization and t... he outside world Network or System-centric Correct Answer: the emphasis is on placing controls at the network and system levels to protect the information stored within Data-centric Correct Answer: which emphasizes the protection of data regardless of its location The perimeter Correct Answer: is an important line of defense that protects the enterprise against external threats, and its design should reflect a proactive stance toward preventing potential risk. Internet Perimeter Correct Answer: An important component of the security perimeter which ensures secure access to the Internet for enterprise employees and guest users residing at all locations, including those involved in telecommuting or remote work. Internet Perimeter Correct Answer: should route traffic between enterprise and Internet, no exes, monitor network ports, detect/block traffic from infected internal computers, control outbound traffic, identify/block anomalous traffic, eliminate threats like malware, enforce filtering policies. Internet Perimeter Correct Answer: should always provide protection for VPNs, WANs, and WLANs VPN protection should include Correct Answer: Terminating VPN traffic from remote users, provide a hub for terminating VPN traffic from remote sites, terminate traditional dial in users. VPN Traffic Correct Answer: First filtered at the egress point to the specific IP addresses and protocols that are part of the VPN service. A remote user can only gain access after being authenticated. WAN traffic Correct Answer: security is provided by input/output system (IOS) features. Unwanted traffic can be blocked from the remote branch using input access lists, and IP spoofing can be mitigated through L3 filtering. In distributed and decentralized IT architectures Correct Answer: the third-party risk is likely to increase, often as a function of moving critical applications, platforms and infrastructure elements into the cloud. Focus of cybersecurity is shifting toward contracts and service level agreements (SLAs) Correct Answer: for platforms, storage infrastructure and cloud-based data repositories Cybercrime and cyberwarfare perpetrators Correct Answer: continue to aim at "weak spots" in architectural elements and systems 3rd party cloud providers Correct Answer: are facing an increased risk of attacks and breaches due to the agglomeration and clustering of sensitive data and information APTs and cybercrime Correct Answer: always rely on preparatory research and insight into the target enterprise which raises the level of exposure for weak or unsecured parts of the overall architecture. Vulnerable spots include Correct Answer: legacy systems, unpatched parts of the architecture, "dual persona" use of mobile devices and many others. Architectural approaches Correct Answer: articulate the organization, roles, entities and relationships that exist or should exist to perform a set of business processes. Process models and framework models Correct Answer: two models of security architecture Framework security architecture models Correct Answer: describe the elements of architecture and how they relate to one another Process security architecture modules Correct Answer: is more directive in its approach to the processes used for the various elements. Zachman Framework Correct Answer: developing a who, what, where, when and how matrix which contains columns showing aspects of the enterprise that can be described or modeled. Rouser various viewpoints from which those aspects can be considered. Zachman Framewor [Show More]

Last updated: 1 year ago

Preview 1 out of 25 pages