ISC2-CC Exam: Domains, Ethics & Security Goals

Questions and Answers

An organization has experienced a data breach involving Personally Identifiable Information (PII). Which regulation is MOST directly applicable?

  • Payment Card Industry Data Security Standard (PCI DSS)
  • Relevant national or local privacy laws (correct)
  • Health Insurance Portability and Accountability Act (HIPAA)
  • Sarbanes-Oxley Act (SOX)

During a security incident investigation, a security analyst discovers that a former employee's account was used to access sensitive company data several weeks after their termination date. Which of the following security controls failed?

  • Intrusion Detection System
  • Multi-Factor Authentication
  • Principle of Least Privilege
  • Deprovisioning (correct)

In the context of risk management, what differentiates 'risk transference' from 'risk mitigation'?

  • Risk transference reduces the likelihood of a risk, while risk mitigation reduces the potential damage.
  • Risk transference shifts the financial impact of a risk to another party, while risk mitigation implements controls to lessen the risk's impact or likelihood. (correct)
  • Risk transference involves accepting a risk, while risk mitigation involves avoiding a risk.
  • Risk transference is about avoiding a risk completely, while risk mitigation is about sharing the risk.

A company is implementing a new security awareness program. Which strategy would be MOST effective in changing employee behavior?

Answer: Implementing regular phishing simulations with personalized feedback. (A)

An organization wants to implement the principle of least privilege. Which approach is MOST effective?

Answer: Granting users only the access required to perform their specific job duties, with regular reviews and adjustments. (A)

What is the PRIMARY difference between a firewall using stateful inspection and one using stateless inspection?

Answer: Stateful firewalls track the state of network connections, while stateless firewalls evaluate each packet independently. (A)

In the context of cloud computing, what is the key difference between Infrastructure as a Service (IaaS) and Platform as a Service (PaaS)?

Answer: IaaS provides virtualized hardware resources, while PaaS provides a platform for developing and deploying applications. (A)

Which statement BEST describes the purpose of a Security Information and Event Management (SIEM) system?

Answer: To provide real-time monitoring and analysis of security events. (D)

What is the MOST important consideration when determining the Recovery Time Objective (RTO) for a critical business process?

Answer: The maximum acceptable downtime the business can tolerate. (C)

Which of the following security controls is MOST effective in preventing replay attacks?

Answer: Implementing tokens or timestamps. (C)

Which Security Domain focuses primarily on maintaining the availability aspect of the CIA triad?

Answer: Business Continuity, Disaster Recovery, and Incident Response (C)

An employee witnesses a colleague violating the ISC2 Code of Ethics but fails to report it. What is the consequence of this inaction?

Answer: The employee is also in violation of the Code of Ethics. (A)

Which of the following is the MOST effective countermeasure against social engineering attacks?

Answer: Conducting regular security awareness education and training. (A)

What distinguishes 'identification' from 'authentication' in the access control process?

Answer: Identification makes a claim of identity, while authentication proves that claim. (D)

Why is it important for security policies to be set by senior management?

Answer: To provide the foundation for the organization's security program and ensure they are mandatory. (C)

Which of the following disaster recovery site options offers the FASTEST recovery time but is also the MOST expensive?

Answer: Hot Site (C)

What is the primary purpose of implementing defense in depth?

Answer: To provide multiple layers of security controls to protect assets. (B)

A network administrator notices unusual traffic patterns that deviate significantly from established baselines. Which type of intrusion detection system (IDS) would be MOST effective in identifying this activity?

Answer: Heuristic or Anomaly-based IDS (B)

Which of the following is NOT a goal of Crime Prevention Through Environmental Design (CPTED)?

Answer: Automated Intrusion Detection (C)

An organization implements a policy requiring employees to rotate job functions regularly. What security objective is this policy PRIMARILY designed to support?

Answer: Data integrity (C)

What is the PRIMARY advantage of using a Virtual Private Network (VPN) with a 'full tunnel' configuration compared to a 'split tunnel'?

Answer: Enhanced security by routing all traffic through the VPN. (B)

Which type of attack attempts to trick browsers into using unencrypted communications?

Answer: SSL Stripping (A)

Which of the following indicates data in transit?

Answer: Email (C)

What is the PRIMARY difference in how a Network-Based Cloud Access Security Broker (CASB) and an API-Based CASB operate?

Answer: A Network-Based CASB monitors traffic in real time, while an API-Based CASB queries the cloud service via API. (C)

Which factor is MOST important to consider when selecting a Managed Security Service Provider (MSSP)?

Answer: The MSSP's compliance with relevant industry standards and regulations. (C)

An application is found to be vulnerable. Which of the following options is considered the MOST secure way to mitigate that vulnerability?

Answer: Network Segmentation (A)

Which of the following cloud solutions is considered the MOST customizable?

Answer: Infrastructure as a Service (A)

An organization wants to increase the physical security of its data center. Aside from gates, which of the following options provides the BEST additional security control that allows focus on other security controls?

Answer: Bollards (D)

A company experiences a power outage. The data center is equipped with a UPS and a generator. What is the purpose of the PDUs (Power Distribution Units)?

Answer: Provide power clearing and management. (D)

An organization implements a Data Handling Policy. Which of the following options do they implement as part of the Data Handling Policy?

Answer: Outline how to protect sensitive information (C)

Which is considered the BEST practice to secure a wireless network?

Answer: Update to WPA3 security protocol (D)

An organization wants to quickly check whether a remote system is responsive and confirm the connection. Which command line tool would be BEST to use?

Answer: ping (C)

Which action protects against worms?

Answer: Patching (C)

What is the BEST way to explain what a botnet does?

Answer: A collection of zombie computers used for malicious purposes (B)

Which of the following is a form of eavesdropping attack?

Answer: A compromised communication path (B)

Which of the following is a technique to measure encryption time?

Answer: Timing Attacks (D)

What does the antivirus software use for protection?

Answer: 2 types of mechanisms to protect (A)

An organization requires high humidity within a Data Center. Which is the MOST optimal value?

Answer: 41.9 F and 50.0 F (C)

Flashcards

ISC2 Code of Ethics

Protect society and infrastructure, act honorably, serve diligently, advance the profession.

Confidentiality

Protect information from unauthorized disclosure.

Integrity

Protects information from unauthorized changes.

Availability

Protects authorized access to systems and data; ensures information is available to authorized users.

Snooping

Gathering information that is left out in the open

Dumpster Diving

Looking through trash for information.

Social Engineering

Attacker uses psychological tricks to persuade employees to give information or access

Unauthorized Modification

Attackers make changes without permission, internal or external

Impersonation

Attackers pretend to be someone else.

Man-in-the-Middle (MITM)

Attackers place themselves in the middle of communication sessions.

Denial of Service (DoS)

Maliciously bombarding a system with overwhelming traffic.

Identification

Making a claim of identity.

Authentication

Proving a claim of identity.

Authorization

Ensuring that an action is allowed.

Accounting

Tracking and maintaining logs of all activity.

Multi Factor Authentication

Combining something you know, are, and have for authentication.

Single Sign-On (SSO)

Sharing authenticated sessions across systems.

Non-repudiation

Preventing someone from denying the truth.

Internal Risks

Risks that arise from within the organization.

External Risks

Risks that arise outside the organization.

Risk Assessment

Identifies and triages risks.

Ranking of Risks

We rank risks by likelihood and impact.

Risk Avoidance

Changing business practices to make a risk irrelevant.

Risk Transference

Attempting to shift the impact of a risk to another organization.

Risk Mitigation

Actions that reduce the likelihood or impact of a risk.

Risk Acceptance

Choice to continue operations in the face of a risk.

Inherent Risk

Initial level of risk, before any controls are put in place.

Security Controls

Security procedures and mechanisms that reduce risk.

Prevent Control

Stops a security issue from occurring.

Technical Controls

Use technology to achieve control objectives.

Administrative Controls

Uses processes to achieve control objectives.

Physical Controls

Controls that impact the physical world.

Baselines

Provides a configuration snapshot for devices.

Security Policies

Documents that provide the foundation for an organization's security program and expectations.

Standards

Describes the specific details of security controls.

Procedures

Step-by-step instructions of objectives.

Business Continuity Planning (BCP)

The set of controls designed to keep a business running in the face of adversity.

Business Impact Assessment (BIA)

Risk assessment that identifies mission-essential functions and IT systems.

Redundancy

The level of protection against the failure of a single component.

Disaster Recovery (DR)

Restore normal operations as quickly as possible following a disaster.

Study Notes

ISC2-CC Exam Domains

  • Security Principles (26%) comprises the largest portion of the exam.
  • Business Continuity, Disaster Recovery, and Incident Response account for 10%.
  • Access Control Concepts represent 22%.
  • Network Security covers 24%.
  • Security Operations make up 18%.

ISC2 Code of Ethics

  • Protect society and infrastructure; avoid hacking.
  • Act honorably, justly, and within the law; avoid lying.
  • Serve principles diligently and competently; fulfill duties.
  • Advance the information security profession.
  • Anyone can file a complaint, but complaints from employers/clients and from other professionals are treated according to the nature of the code itself.
  • Must report any witnessed violation. Failure to report is itself a violation.
  • Submit a Complaints Form; the alleged behavior must harm the profession in some way.

Goals of Information Security

  • Confidentiality: Protects information from unauthorized disclosure.
  • Integrity: Protects information from unauthorized changes.
  • Availability: Protects authorized access to systems and data, ensuring it's available to authorized users.

Confidentiality Concerns

  • Snooping: Gathering information left in the open. Clean desk policies protect against snooping.
  • Dumpster Diving: Looking through trash for information. Shredding protects against it.
  • Eavesdropping: Includes wiretapping and electronic eavesdropping. Rules about sensitive conversations prevent it.
  • Encryption protects against wiretapping.
  • Social Engineering: Attackers use psychological tricks to get employees to give up information or access.
  • Education and training protect against social engineering.

Integrity Concerns

  • Unauthorized Modification: Attackers make changes without permission; they can be internal or external.
  • Least privilege rules help prevent unauthorized modification.
  • Impersonation: Attackers pretend to be someone else. User education protects against it.
  • Man-in-the-Middle (MITM): Attackers place themselves in communication sessions, intercepting network traffic and assuming the roles of the parties; impersonation at an electronic or digital level. Encryption prevents man-in-the-middle attacks.

Availability Concerns

  • Denial of Service (DoS): Overwhelming a system with traffic, preventing legitimate users from accessing it.
  • Firewalls block unauthorized connections to protect against DoS attacks.
  • Power Outages: Redundant power sources and backup generators protect against them.
  • Hardware Failures: Failure of servers, hard drives, etc. Redundant components protect against this.
  • Building systems with redundancy ensures that if one component fails, another takes over.
  • Destruction: Backup data centers protect against destruction (e.g., cloud).
  • Service Outages: Caused by programming errors, equipment failure, etc. Resilient systems protect against service outages.

Authentication and Authorization

  • Access Control Process:
    • Identification: Making a claim of identity (the claim can be false). Electronic identification uses usernames.
    • Authentication: Proving a claim of identity. Electronic authentication uses passwords.
    • Authorization: Ensuring an action is allowed.
  • Electronic authorization uses access control lists (ACLs), which also provide accounting functionality (tracking user activity).
    • Authentication + Authorization + Accounting = AAA

Password Security

  • Controls implemented when setting password requirements: length, complexity, expiration, forced changes, and password history (previously used passwords cannot be reused).
  • Password Managers: Secure vaults, often protected by biometrics, that store passwords and facilitate the use of strong, unique passwords. There are 3 types of authentication factors.

Multi-Factor Authentication

  • Something known: e.g., passwords and PINs.
  • Something possessed: e.g., software and hardware tokens.
  • Something inherent: incorporates biometric security mechanisms such as fingerprints and voice.
  • Combining these factors creates multi-factor authentication.
  • Passwords combined with security questions are NOT multi-factor authentication, because passwords and security questions are both something you know.

Single Sign-On (SSO)

  • Shares authenticated sessions across systems.
  • Organizations use SSO solutions to avoid repeated authentications.

Non-Repudiation

  • Prevents someone from denying the truth, supported by physical signatures on contracts, digital signatures using encryption, and biometric controls.

Privacy

  • Organizational privacy concerns:
    • Protecting one's own data and the organization's data, educating users, and protecting collected data.
  • Types of private information:
    • Personally Identifiable Information (PII) and Protected Health Information (PHI), the latter regulated by HIPAA.
  • Reasonable expectation of privacy: depends on whether the person disclosing the information had a reasonable expectation of privacy.
    • Example: if you upload a YouTube video, you do not have an expectation of privacy.
  • An expectation of privacy exists for electronic communications such as email and chats, but not when sharing PII or using employer resources.

Risk Management

  • Internal Risks: risks from within the organization, which internal controls prevent.
  • External Risks: risks from outside the organization.
    • These are handled by controls like multi-factor authentication or social engineering awareness campaigns.
  • Multiparty Risks: affect more than one organization.
    • Include intellectual property theft and risks around altering or stealing data.
    • Software license agreement issues risk fines and legal action for violations of license agreements.
  • Risk Assessment: identifies and triages risks.

Ranking of Risks

  • Likelihood: Probability of a risk occurring.
  • Impact: The amount of damage a risk will cause.

Risk Assessment Techniques

  • Qualitative: subjective ratings to evaluate likelihood and impact (low, medium, high).
  • Quantitative: subjective numeric ratings

Risk Treatment (Management)

  • Analyzes/implements responses to control risk.
  • Avoidance: Changes business practices to make a risk irrelevant.
  • Transference: Shifts impact from one organization to another, e.g., insurance policies.
  • Mitigation: Actions to reduce likelihood or impact.
  • Acceptance: Choice to continue operations in the face of a risk.

Risk Types and Tolerance

  • Risk Profile: the combination of risks that an organization faces.
  • Inherent Risk: Initial level of risk before any controls.
  • Residual Risk: The risk that remains after controls are applied.
  • Control Risk: New risk introduced by the applied controls.

Security Controls

  • Security controls are procedures/mechanisms that reduce the likelihood/impact of risk and help identify issues.
  • Defense in Depth: overlapping security controls, using different methods with a common objective.

Types of Control Purposes

  • Prevent: Stop a security issue from occurring.
  • Detect: Identify issues requiring investigation.
  • Correct: Remediate security issues that have already occurred.

Control Mechanisms

  • Technical: Use technology to achieve control objectives (firewalls, encryption, DLP, antivirus software). Also known as logical controls.
  • Administrative: Use processes to achieve control objectives (user access reviews, log monitoring, background checks).
  • Physical: Controls that impact the physical world (locks, security guard).

Configuration Management

  • Tracks the way specific devices are set up: operating system settings and software inventory.
  • It also creates artifacts for understanding system configuration.

Baselines

  • Provide a configuration snapshot.
  • Dual Net is used to assess whether settings fall outside the approved change management process.

Versioning/Version Controls

  • Assigns each release of software an incrementing version number.
  • Numbers are written as three-part decimals: major version, major updates, minor updates (Ex: iPhone iOS 14.1.2).

Security Governance/Policy Framework

  • Must identify applicable domestic and international laws/regulations, creating a framework for everyone.

Documents in a Security Policy Framework

  • Policies: Foundation for information security program, describes expectations, mandatory, set by senior management, should stand the test of time.
  • Standards: Specific details of security controls, mandatory.
  • Guidelines: Advice on best practices, optional.
  • Procedures: Step-by-step instructions for achieving an objective; compliance can be mandatory or optional.

Best Practice of Security Policies

  • Acceptable Use Policies (AUP): describe authorized technology uses.
  • Data Handling Policies: describe how to protect sensitive information.
  • Password Policies: describe security practices; password requirements (length, complexity) become officially documented.
  • Bring Your Own Device Policies (BYOD): covers personal devices with company information.
  • Privacy Policies: covers personally identifiable information, can be enforced by National & Local authorities.
  • Change Management Policies: covers documentation, approval, and rollback of technology changes.

Business Continuity

  • Business Continuity Planning (BCP) helps maintain the business in adversity. Also known as Continuity of Operations Planning (COOP).
  • It supports the third goal of security, availability, so it is proactive in determining business configuration.
  • Business Impact Assessment (BIA) assesses risk using quantitative or qualitative processes, identifying business functions and critical IT systems.
  • In the cloud, BC requires collaboration between providers and customers.
  • Redundancy provides a level of protection against component failure.

Point-of-Failure Analysis

  • Single Point of Failure (SPOF) analysis provides a mechanism to identify and remove single points of potential failure in a given system.
  • SPOF analysis continues until the cost outweighs the benefit; it can also be applied to HR, third-party vendor reliance, etc. High availability applies to systems such as clouds and firewalls.
  • Continued operation of a single system is made resilient through high availability and fault tolerance, which helps with both service failures and technical failures.
  • Load Balancing: spreading demand across available systems.

Common Failure Points

  • Power Supply
    • Power supplies contain moving parts and have a high failure rate; use Uninterruptible Power Supplies (UPS).
  • Storage Media: protection against storage failure
    • Redundant Array of Inexpensive Disks (RAID): used to provide redundancy. This is a fault-tolerance technique, NOT a backup strategy.
  • Networking: improve redundancy with dual network interface cards (NICs) and multipath networking.
  • Fault-tolerance mechanisms prevent systems from failing, so attempt to include diversity in your infrastructure.
  • Incident Response Plans provide structure during cybersecurity incidents.

Elements in a Response Plan

  • Statement of Purpose, Strategies and goals, communication approach, and senior leadership approval.

Best Practices for an Effective Response Plan

  • Use NIST SP 800-61 when developing the plan; it provides practical guidance that assists with mitigating business impact.

Team Development

  • The team should have management, personnel, SMEs, legal counsel, physical security, and human resources. If any of these are lacking, use incident response service providers.
  • Communications plans ensure timely and accurate information while limiting external communications. They should address law enforcement involvement and describe communications paths.

Incident Identification

  • Organizations have a responsibility to collect, analyze, and retain security information; determining which data is necessary is crucial.

Data Sources

  • Key data sources include IDS/IPS, firewalls, authentication systems, integrity monitors, system event logs, NetFlow records, and antimalware packages.

Security Information and Event Management (SIEM)

  • Security solutions that collect information from diverse sources into a centralized log repository, then analyze it and retain it for later use.
  • External risks may be discovered through an EXTERNAL source (e.g., a customer) that reports them, so the IR team needs a consistent reporting method.

First Responder's Duty

  • Key responsibilities include containing damage through isolation (highest priority).

Key goals of a Disaster Recovery (DR)

  • Disaster Recovery (DR): restores normal operations quickly when the business continuity plan fails. Flexibility is key.
  • This requires containing damage through isolation and recovering normal operations. Once these are in place, the DR team shifts to assessment mode to triage and analyze damage and implement permanent recovery operations.

Measures

  • Recovery Time Objective (RTO): Targeted time to restore service after a disruption.
  • Recovery Point Objective (RPO): Targeted amount of data to recover.
  • Recovery Service Level (RSL): Targeted percentage of service to restore.
  • Reliable backups provide redundancy in case of technology failure, human error, or natural disaster.

Reliable Backups

  • Backup methods include disk-to-disk and cloud setups instead of traditional, now outdated, tape backups.
  • Full backups include a complete copy of all data. Snapshots and images are types of full backups.
  • Differential backups supplement full backups.
  • Include all data modified since either the last full or incremental backup.

Disaster Recovery Sites

  • Provide alternate data processing facilities that usually stay idle until an emergency arises.
  • Hot Site: Fully operational data site that can be activated quickly, but very expensive.
  • Cold Site: Empty data center that requires a restoration period to stock equipment and other necessities of recovery; not very expensive.
  • Warm Site: A hybrid of hot and cold, stocked with core infrastructure, requiring less active time from IT staff.
  • Recovery sites don't only provide a facility for technology operations; they also serve as offsite storage, a type of geographically distant site resiliency.

Access Concerns

  • Online access: available for immediate restoration.
  • Offline access: relies on manual intervention; less expensive.
  • Alternate Business Process: the organization uses a recovery plan matched to its organizational setup.

Disaster Recovery Testing

  • Testing procedures validate that the plan functions correctly and identify needed plan updates.
  • Types of disaster recovery testing: read-through (the simplest, where members check off items), walk-through (more comprehensive, with the team gathered), and simulation (uses practice exercises).
  • Facilities that require physical access controls: data centers, server rooms, media storage facilities, evidence storage locations, wiring closets, distribution cabling, and operations centers.

Physical Security

  • Physical security measures include fencing, gates (which allow focus on other security controls), and bollards.
  • Crime Prevention Through Environmental Design (CPTED) employs security measures appropriate to one's environment.

Goals of Environment Design

  • Natural Surveillance: enabled through windows, lighting, etc.
  • Natural Access Control: set up with gates, etc.
  • Natural Territory Reinforcement: set up for controlled public safety.

Visitor Management

  • Processes must protect and guard against intrusions.
  • Procedures must include a description of visits, authority, and access details; all secured areas must be logged, visitors given distinctly colored tags, and visitor areas well lit.

Physical and Human Security

  • Human security should be high and intimidating.
  • An "aggressive" look is sometimes desirable.
  • Robots may replace human security patrols. A two-part lock system requires two persons to enter and trigger, or provide input, before an action proceeds.

Logical Access Controls

  • Account Management Tasks: schemes, diversity/integrity of work, vacation policies, and managing the account lifecycle.

Account Monitoring Procedures

  • Account audits, which include generating listings, reviews, and updates.

Preventing Inaccurate Permissions

  • Inaccurate permissions and switching roles can result in too little or too much privilege (privilege creep).
  • Formal Attestation Process: periodic account reviews by auditors.
  • Continuous Monitoring: always on the lookout for suspicious activities.

Provisioning

  • Activities include geotagging and geofencing.
  • Involves creating, updating, and deleting user accounts across multiple applications. Critical for Identity and Access Management (IAM).

Deprovisioning

  • During off-boarding: disable accounts and revoke authorization.
  • Proper time management is recommended to check for weak credentials and make necessary revisions to any of the protocols.

General Authentication

  • Key processes include approval and deactivation before removal.
  • Requires authentication of users and the Principle of Least Privilege.

Account Protection

  • Protection against internal and external risks using high-standard protocols.

Mandatory Access Control (MAC)

  • The system strictly enforces all rules, and users cannot modify them.

Discretionary Access Control (DAC)

  • A flexible model where permissions are determined by the file owners.

Role-Based Access Control (RBAC)

  • Permissions are granted to groups of people or job functions.
  • A network is a combination of connected devices; WANs, such as the Internet, span large, wide areas.

Local Area Networks (LANs)

  • Connect devices in the same building, typically via Ethernet cables.

Wireless Network

  • Wireless networks (Wi-Fi) create wireless LANs.
  • Bluetooth creates a Personal Area Network (PAN) and is designed to support wireless connections.

Network Protocol

  • The TCP/IP suite is at the heart of how it works.

Internet Protocol Suite

  • Functionality includes provision of an addressing scheme.
  • Routes information and has great flexibility.

Transport Layer

  • Delivers packets across source and destination locations.
  • Supports high-level (upper-layer) protocols.

Types of Protocols

  • Transmission Control Protocol (TCP), which is connection-oriented.
  • UDP, which is not connection-oriented and doesn't check for confirmation.

Open Systems Interconnection

  • OSI layers form a model, like TCP/IP, that dictates how data, networks, and application settings should function.

IPv4 Addressing

  • IP addresses are system identifiers used for systems on networks.
    • Use written (dotted) notations and numerical ranges.
  • Network ports use the network connection system to access services.

Important Port Numbers

  • 21: ftp
  • 22: ssl
  • 80: web
  • 443: secure web
  • 3389: desktop
  • Service Set Identifier (SSID): Wi-Fi network settings.
  • Check for security authentication keys that help create private portals.

Wireless Encryption

  • A must-have for security and protocol functionality, to verify and access data and information. Progression: WEP -> WPA -> WPA2.
  • WPA2 contains an enhanced version (CCMP), which makes it secure.
  • WPA3, a newer version, provides stronger network encryption.

Networking Command Prompts

  • ping sends ICMP echo requests to check whether a host is reachable and to measure round-trip time
  • hping crafts custom TCP, UDP, and ICMP packets, which lets you test firewall rules and probe hosts that silently drop ICMP

Path Tracing

  • traceroute (tracert on Windows) lists the routers a packet passes through on the way to its destination, so a broken or slow hop can be located
  • Command names and options differ by platform: tracert on Windows, traceroute on macOS and Linux, and some options exist on only one of them

Network Threats

  • Malware and its payloads compromise the confidentiality, integrity, and availability of data and systems

Type of Malware

  • Viruses attach to files or programs and spread when a user opens or runs them
  • Worms self-propagate by exploiting vulnerabilities in network-reachable services, with no user action required
  • Trojan horses pose as legitimate software and install malware when the user runs them

Botnets and Eavesdropping

  • Botnets are networks of compromised systems (bots) under an attacker's control; the infected machines are used to deliver payloads, send spam, or launch distributed denial-of-service attacks
  • Eavesdropping attacks capture traffic in transit, for example through a physical network tap, ARP poisoning (redirecting traffic on the local segment), or DNS poisoning (answering name lookups with an attacker-controlled address)

Exploits

  • A Man-in-the-Middle (on-path) attacker sits between two parties and can read or alter their traffic, for example to capture credentials sent to a web application; TLS with proper certificate validation is the main defense

Replay and Cryptographic Attacks

  • Replay attacks reuse captured valid messages such as login tokens; defenses are timestamps, nonces, and short-lived session tokens, so that an old message is rejected
  • Cryptographic attacks usually exploit weak or outdated algorithms, improper configuration, implementation faults, and side channels (timing, power) rather than the mathematics itself

Intrusion Detection

  • Intrusion Detection Systems (IDS) monitor network traffic and host activity for signs of attack, such as SQL injection attempts, malformed packets, and unusual logins. An IDS raises alerts for security staff; unlike a firewall or an IPS, it does not block the traffic itself

Detection Methods

  • Signature detection matches traffic or events against a database of known attack patterns; it produces few false positives but misses novel attacks and variants
  • Anomaly detection builds a baseline of normal behavior and flags outliers; it can catch unknown attacks but produces more false positives and needs tuning
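To make the two detection methods concrete, here is an added example (not code from the original notes) that runs both over a handful of constructed log lines: a signature engine with regular expressions for SQL injection and path traversal, and an anomaly engine that compares each login against a constructed per-user baseline of usual hours and source addresses. The log format, the baseline, and the signature list are all assumptions for the demo.

```python
"""Added example: signature vs. anomaly detection over sample log lines (constructed data)."""
import re
from datetime import datetime
from typing import Dict, List, Optional, Tuple

# Constructed sample log lines, not real traffic. Format: ISO time, src IP, user, event.
SAMPLE_LOG = """\
2024-05-01T09:02:11 src=10.0.0.5 user=alice GET /search?q=shoes
2024-05-01T09:02:13 src=198.51.100.9 user=- GET /search?q=' OR 1=1 --
2024-05-01T09:05:40 src=10.0.0.5 user=alice LOGIN result=ok
2024-05-01T03:14:07 src=203.0.113.4 user=alice LOGIN result=ok
2024-05-01T10:21:55 src=10.0.0.7 user=bob GET /files?name=../../etc/passwd
""".splitlines()

LINE_RE = re.compile(r"^(?P<ts>\S+) src=(?P<src>\S+) user=(?P<user>\S+) (?P<event>.*)$")

# Signature engine: known attack patterns. Precise, but only for what is on the list.
SIGNATURES = [
    ("sqli-tautology", re.compile(r"(?i)'\s*or\s+1\s*=\s*1")),
    ("sqli-union",     re.compile(r"(?i)union\s+select")),
    ("path-traversal", re.compile(r"\.\./")),
]

# Anomaly engine: what "normal" looked like during a training period (constructed).
BASELINE: Dict[str, Dict[str, set]] = {
    "alice": {"hours": set(range(8, 19)), "srcs": {"10.0.0.5"}},
    "bob":   {"hours": set(range(7, 20)), "srcs": {"10.0.0.7"}},
}

def parse(line: str) -> Optional[Dict[str, str]]:
    m = LINE_RE.match(line)
    return m.groupdict() if m else None

def signature_alerts(lines: List[str]) -> List[Tuple[str, str]]:
    """Every line is checked against every signature; a hit names the signature."""
    alerts = []
    for line in lines:
        for name, pattern in SIGNATURES:
            if pattern.search(line):
                alerts.append((name, line))
    return alerts

def anomaly_alerts(lines: List[str], baseline=BASELINE) -> List[Tuple[str, str]]:
    """Logins are compared with the user's baseline; deviations are flagged,
    even though nothing about the login is 'known bad' on its own."""
    alerts = []
    for line in lines:
        rec = parse(line)
        if not rec or not rec["event"].startswith("LOGIN"):
            continue
        profile = baseline.get(rec["user"])
        if profile is None:
            alerts.append(("login-by-user-without-baseline", line))
            continue
        hour = datetime.fromisoformat(rec["ts"]).hour
        if hour not in profile["hours"]:
            alerts.append(("login-outside-baseline-hours", line))
        if rec["src"] not in profile["srcs"]:
            alerts.append(("login-from-new-source", line))
    return alerts

def run_ids(lines: List[str]) -> List[Tuple[str, str]]:
    return signature_alerts(lines) + anomaly_alerts(lines)

if __name__ == "__main__":
    for name, line in run_ids(SAMPLE_LOG):
        print(f"[{name}] {line}")
```

The 03:14 login from 203.0.113.4 would never trip a signature because it is a successful, well-formed login; only the baseline comparison catches it. Conversely, the injection attempt is caught by a signature regardless of who sent it. This is why production sensors run both.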

IPS

  • An Intrusion Prevention System (IPS) sits inline and can block the traffic it detects. Deploy it in detection-only mode first and tune the rules, because a false positive on an inline device blocks legitimate traffic

Defensive Tools

  • Antimalware software detects and removes malware (viruses, worms, Trojans) using signature detection and behavior detection
  • Port scanners enumerate open services, and vulnerability scanners check those services against known weaknesses, so exposure can be fixed before attackers find it

Data Centers

  • Data centers require cooling, temperature and humidity control, and placement away from sources of electromagnetic interference (EMI) and environmental hazards such as flooding

Fire Suppression and Agreements

  • Fire suppression uses wet-pipe sprinklers (pipes always filled with water) or dry-pipe systems (water enters the pipes only when a detector triggers, reducing the risk of leaks onto equipment)
  • Use of a shared or hosted facility is governed by agreements such as a Memorandum of Understanding (MOU) that define each party's responsibilities

Security Zones

  • Firewalls divide the network into security zones with different trust levels, typically the untrusted internet, a DMZ for public-facing servers, and the internal network
  • Traffic between zones is permitted only by explicit rules; moving toward a more trusted zone requires stronger authentication and inspection
  • Special-purpose zones include extranets (shared with partners), guest networks, and honeypots (decoy systems that attract and record attacker activity)
  • Switches connect devices within a network segment; routers connect networks and forward packets between them. North-south traffic flows between the internal network and the outside; east-west traffic flows between internal systems and needs controls as well

Firewall Settings

  • Firewalls enforce which traffic may pass between networks, protecting internal systems and reducing the chance of a data breach
  • A firewall rule has four main parameters: 1. Source address 2. Destination address 3. Destination port and protocol 4. Action (allow or deny). Rules are evaluated in order and the first match wins, so the ruleset should end with an explicit deny-all
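The four rule parameters and the first-match rule are easiest to see in code. The following is an added example, not from the original notes and not any vendor's implementation: a small evaluator that walks a constructed ruleset for a web server at 203.0.113.10 top to bottom and falls back to default deny. Addresses are from documentation ranges.

```python
"""Added example: first-match firewall rule evaluation with default deny (illustrative)."""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple

@dataclass(frozen=True)
class Rule:
    src: str              # CIDR, or "any"
    dst: str              # CIDR, or "any"
    proto: str            # "tcp", "udp", "icmp", or "any"
    dport: Optional[int]  # destination port; None means any port
    action: str           # "allow" or "deny"
    comment: str = ""

def _in_net(cidr: str, ip: str) -> bool:
    return cidr == "any" or ipaddress.ip_address(ip) in ipaddress.ip_network(cidr, strict=False)

def evaluate(rules: List[Rule], src: str, dst: str, proto: str,
             dport: Optional[int]) -> Tuple[str, Optional[int]]:
    """Walk the ruleset top to bottom; the first rule that matches decides.
    Returns (action, index of the matching rule). No match -> implicit default deny."""
    for i, r in enumerate(rules):
        if (_in_net(r.src, src) and _in_net(r.dst, dst)
                and r.proto in ("any", proto)
                and (r.dport is None or r.dport == dport)):
            return r.action, i
    return "deny", None

# Constructed ruleset for a web server at 203.0.113.10.
RULES = [
    Rule("any",        "203.0.113.10/32", "tcp", 443,  "allow", "public HTTPS"),
    Rule("10.0.0.0/8", "203.0.113.10/32", "tcp", 22,   "allow", "SSH from internal only"),
    Rule("any",        "any",             "tcp", 3389, "deny",  "never expose RDP"),
    Rule("any",        "any",             "any", None, "deny",  "explicit cleanup rule"),
]

def explain(rules: List[Rule], src: str, dst: str, proto: str, dport: Optional[int]) -> str:
    action, idx = evaluate(rules, src, dst, proto, dport)
    why = rules[idx].comment if idx is not None else "implicit default deny"
    return f"{src} -> {dst} {proto}/{dport}: {action} ({why})"

if __name__ == "__main__":
    print(explain(RULES, "198.51.100.7", "203.0.113.10", "tcp", 443))
    print(explain(RULES, "198.51.100.7", "203.0.113.10", "tcp", 22))
    print(explain(RULES, "10.1.2.3",     "203.0.113.10", "tcp", 22))
    print(explain(RULES, "10.1.2.3",     "203.0.113.10", "tcp", 3389))
    # Order matters: move the cleanup rule to the top and nothing gets through.
    print(explain([RULES[-1]] + RULES[:-1], "198.51.100.7", "203.0.113.10", "tcp", 443))
```

The last call shows the classic misordering mistake: a broad rule placed above specific ones shadows them. Rule review should check both that every rule is reachable and that the explicit deny-all is present at the bottom, since relying on the implicit default differs between products.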

Next-Generation Firewalls

  • Newer firewalls evaluate requests on more than addresses and ports: the identity of the user, the application generating the traffic, and context such as time of day
  • Network hardware is often proprietary, so hardening depends on the vendor: keep firmware patched, change default credentials, and disable unused services

Virtual Private Networks (VPNs)

  • Site-to-site VPNs connect whole networks, for example a branch office to headquarters; remote-access VPNs connect an individual user's device to the corporate network
  • A VPN creates an encrypted tunnel across an untrusted network; the endpoints are VPN gateways (concentrators or routers) for site-to-site links, and client software plus a gateway for remote access
  • IPsec is the usual choice for static site-to-site tunnels; SSL/TLS VPNs are common for remote access because they pass through most firewalls and need only a browser or a lightweight client

VPN access

  • Full tunnel: all of the client's traffic, including ordinary internet browsing, goes through the encrypted tunnel, so the organization can inspect and filter everything
  • This costs more bandwidth and capacity on the VPN gateway
  • Split tunnel: only traffic destined for internal resources goes through the tunnel and the rest goes directly to the internet; lighter on the gateway, but the organization loses visibility of that direct traffic
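Full and split tunnel come down to the client's routing table. The block below is an added example, not from the original notes: it implements longest-prefix matching, the rule every host routing table applies, and shows the two tunnel policies as route tables. The gateway address and internal prefixes are constructed for the demo; it also shows the host route a full tunnel needs so that the tunnel's own packets do not get routed into the tunnel.

```python
"""Added example: full vs. split tunnel as host routing tables (constructed addresses)."""
import ipaddress
from typing import Dict, List, Optional, Tuple

def route_lookup(table: List[Tuple[str, str]], dst: str) -> Optional[str]:
    """Longest-prefix match. table entries are (CIDR, interface); the most
    specific matching prefix wins, which is how a real host picks a route."""
    ip = ipaddress.ip_address(dst)
    best_net, best_iface = None, None
    for cidr, iface in table:
        net = ipaddress.ip_network(cidr)
        if ip in net and (best_net is None or net.prefixlen > best_net.prefixlen):
            best_net, best_iface = net, iface
    return best_iface

VPN_GATEWAY = "198.51.100.1"          # assumed gateway address for the demo

SPLIT_TUNNEL = [
    ("10.0.0.0/8",    "tun0"),        # internal prefixes go through the tunnel
    ("172.16.0.0/12", "tun0"),
    ("0.0.0.0/0",     "eth0"),        # everything else goes out directly
]

FULL_TUNNEL = [
    ("0.0.0.0/0",         "tun0"),    # all traffic goes through the tunnel ...
    (VPN_GATEWAY + "/32", "eth0"),    # ... except the encrypted packets to the
                                      # gateway itself, otherwise the tunnel loops
]

def classify(table: List[Tuple[str, str]], destinations: List[str]) -> Dict[str, Optional[str]]:
    return {d: route_lookup(table, d) for d in destinations}

if __name__ == "__main__":
    targets = ["10.20.30.40", "172.20.1.5", "93.184.216.34", VPN_GATEWAY]
    print("split:", classify(SPLIT_TUNNEL, targets))
    print("full :", classify(FULL_TUNNEL, targets))
```

One practical caveat the table alone does not show: with a split tunnel, name resolution for internal hosts must also be sent through the tunnel (a DNS route or a per-domain resolver), or internal names leak to the user's local resolver and may not resolve at all.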

Network Access Control (NAC)

  • NAC intercepts a connection attempt and verifies that the user and the device are authorized before granting network access
  • Checks combine user authentication, device authentication, and role-based policy; a posture check confirms the device's health (patch level, antimalware status, configuration) before it is allowed into all areas
  • Network security depends on these controls being enforced consistently, not configured once and forgotten

Protection Basics

  • Check for weak passwords, and enforce minimum length and multi-factor authentication
  • Apply updates promptly and keep protocols and configurations current

Cloud Computing

  • Delivers computing resources over the network on demand instead of from on-premises hardware
  • Resources include servers, storage, and applications
  • Service models: IaaS (infrastructure), PaaS (platform), and SaaS (software), each delivered by a vendor with a different split of responsibility
  • Deployment models: public, private, hybrid, and community clouds; a private cloud is dedicated to a single organization

Managed Security Services

Managed security service providers deliver security functions on the organization's behalf

  • Provide technology and staff expertise the organization may lack
  • Must be carefully monitored and held to a contract that defines the service
  • May be given responsibility for part or all of the IT infrastructure, so their access is itself a risk to manage

Cloud Vendor

  • Cloud security follows a shared responsibility model: the vendor secures the underlying infrastructure, while the customer remains responsible for its data, identities, and configuration. Vendor-side issues still have to be managed by the customer
  • Require high standards from vendors: certifications, independent audits, and contract terms that cover security
  • Define availability and recovery requirements (acceptable downtime and acceptable data loss) in the agreement, since zero downtime and zero data loss are rarely guaranteed
  • Protect access with strong authentication (MFA) and encrypted protocols

Encryption

  • Encryption transforms readable plaintext into ciphertext so unauthorized readers cannot use it
  • Requires strong, vetted algorithms (for example AES); home-made or obsolete algorithms should not be used

Keys

  • The key is what lets the intended recipient decrypt the message; anyone holding it can read the data, so protecting the key matters as much as the algorithm
  • The parameters of an encryption system are the algorithm, its mode of operation, and the key length

Symmetric and Asymmetric Encryption

  • Symmetric encryption uses one shared key, is fast, and is used for bulk data; asymmetric encryption uses a public/private key pair and is used for key exchange and digital signatures. In practice the two are combined: asymmetric to agree on a key, symmetric to encrypt the data
  • Every component must be secure: a strong algorithm with a weak key, a leaked key, or a flawed implementation makes the whole system vulnerable

Common Hash Functions

  • Hash functions produce a fixed-length digest from data of any size; they are one-way (the input cannot be recovered from the digest) and are used for integrity checks, digital signatures, and password storage. MD5 and SHA-1 are older and no longer collision-resistant, so they should be retired; SHA-2 (e.g., SHA-256) and SHA-3 are the modern choices
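The two everyday uses of hashing, integrity verification and password storage, are shown below in an added example using only Python's standard library (not code from the original notes). The sample data and the iteration count are assumptions for the demo; it also shows the avalanche effect and why a plain hash is not enough for passwords.

```python
"""Added example: integrity hashing and salted password hashing with the standard library."""
import hashlib
import hmac
import os
from typing import Optional

def digest(data: bytes, algo: str = "sha256") -> str:
    """Hex digest of data. 'md5' and 'sha1' still exist in hashlib but are only
    suitable as non-security checksums; use sha256 or sha3_256 for security."""
    return hashlib.new(algo, data).hexdigest()

def verify(data: bytes, expected_hex: str, algo: str = "sha256") -> bool:
    # compare_digest avoids timing differences that would leak how many leading
    # characters of the expected value matched.
    return hmac.compare_digest(digest(data, algo), expected_hex)

def flip_one_bit(data: bytes) -> bytes:
    # Flip the lowest bit of the first byte: the digest changes completely.
    return bytes([data[0] ^ 0x01]) + data[1:]

# Password storage: never a bare hash. A per-user random salt plus a slow key
# derivation function (PBKDF2 here) so that guessing is expensive and
# identical passwords do not produce identical records.
ITERATIONS = 200_000   # assumption for the demo; production values are higher

def hash_password(password: str, salt: Optional[bytes] = None) -> str:
    salt = salt or os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"pbkdf2_sha256${ITERATIONS}${salt.hex()}${dk.hex()}"

def check_password(password: str, stored: str) -> bool:
    _, iters, salt_hex, dk_hex = stored.split("$")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), bytes.fromhex(salt_hex), int(iters))
    return hmac.compare_digest(dk.hex(), dk_hex)

if __name__ == "__main__":
    data = b"quarterly-report.pdf contents"          # constructed sample data
    print("sha256 :", digest(data))
    print("flipped:", digest(flip_one_bit(data)))
    print("md5    :", digest(data, "md5"), "(legacy, collision-broken)")
    stored = hash_password("correct horse battery staple")
    print(stored)
    print("check ok :", check_password("correct horse battery staple", stored))
    print("check bad:", check_password("Tr0ub4dor&3", stored))
```

Storing the algorithm name and iteration count alongside the salt, as the record format above does, is what allows the cost to be raised later without invalidating existing accounts.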

Log Management

  • Logs provide accountability, traceability, and auditability for events
  • Logging must record who did what, when, and from where, so that every event can be attributed; the key properties are
  1. Traceability: each event is linked to a user, a system, and a time
  2. Availability: logs are retained for the required period and protected from tampering or deletion
  3. Review: logs are examined regularly and on alerts, not just collected
  • Keep logging configurations current and the log store secured, since attackers try to erase their tracks

Security Measure and Training

  • Security awareness training reduces susceptibility to social engineering; teach users to recognize and report phishing, and give them a clear procedure for suspicious messages
  • Keep training current with new threats, and reinforce it with regular exercises rather than a single annual session
