Terms to Know 3

  • Lessons Learned
    actions to correct weaknesses are assigned and ways to improve are suggested
  • Recovery
    the process of returning assets to their business function and restoring normal operations
  • SSH
    a method for securely sending commands to a computer over an unsecured network. Performs authentication using server asymmetric keys and, optionally, client asymmetric keys; connections between the client and server are encrypted
  • content management
    The ability to control enterprise data or documents on a mobile device
  • Device encryption
    protects the data on the device but does not limit the authorized user
  • CIA
    confidentiality, integrity, and availability
  • Affinity scheduling
    allows a user to stay logged in to a session instead of opening a new session each time they are sent to a new server host. Sends each subsequent request to the same web server, allowing the server to track session state even though HTTP/HTTPS is a stateless protocol
  • open framework
    allows the underlying cipher suites to be updated as needed
  • Boot attestation
    has a record of compliance of system components that can be reported before the system is allowed to connect to corporate networks. Can be used to keep client machines off the network unless they are free from malware
  • SAML
    used to enable single sign-on across multiple web applications by securely sharing user credentials in the form of SAML assertions provided by the Identity Provider (IdP)
  • Provisioning
    the name given to the process of assigning permissions or authorities to objects
  • hardware security module (HSM)
    have tamper protections to prevent access to the keys they protect. This allows the keys to be used but not distributed across the network.
  • transit gateways
    It interconnects virtual private clouds and on-premises networks
  • Cloud Security Alliance (CSA)
    has a mission to identify best practices for cloud security
  • Center for Internet Security (CIS)
    exists to promote and sustain best-practice solutions for cyber defense
  • Federation
    ultimate goal is to allow users to seamlessly access data or systems across domains
  • Certificates
    contain the key and the metadata about the key, such as who made it, what it is used for, and how long the key is valid.
  • message digest (hash)
    ensure that no changes are made to data
  • Kerberos
    relies on the concept of a trusted third party that acts as the Key Distribution Center (KDC) in the Kerberos realm
  • Wireshark
    a comprehensive network protocol analyzer. It captures and displays data packets traveling through a network in real time
  • netstat
    The netstat command generates displays that show network status and protocol statistics. You can display the status of TCP and UDP endpoints in table format, and routing table information
  • X.509
    standard defining the format of public key certificates, which are used in various security protocols to ensure secure communication over a network. These certificates are a key component of public key infrastructure (PKI), enabling secure, encrypted communication and authentication over networks such as the internet. Defines a certificate’s fields and the possible values those fields have.
  • CA benchmark
    guidance for configuring and operating computer systems at a secure level that is documented and understood
  • Closing unused ports and disabling unused services
    reduces the attack vector and can prevent future vulnerabilities
  • managed power distribution unit (PDU)
    device designed to handle the electrical power for server racks. Can take three-phase 440/240VAC power in and convert it to either single-phase 110VAC or 48VDC power
  • SCADA systems
    there are three things you should worry about: the value of the information being protected, physical access to the system, and logical (typically network) access to the data
  • personal electronic device (PED)
    device owned by an employee
  • Netcat
    referred to as the "Swiss Army knife" of networking tools, it is a versatile utility used for network diagnostics, troubleshooting, and security testing. It can read and write data across network connections using TCP or UDP protocols.
  • TLS (Transport Layer Security)
    mutual authentication is a security feature where both the client and the server authenticate each other using certificates
  • EOSL (end of service life)
    an item that is no longer supported by the original equipment manufacturer (OEM)
  • chain of custody
    Record all message digest (hash) values in the documentation. Obtain a signature from the person who accepts the evidence at the storage facility. Securely transport the evidence to a protected storage facility.