Security Architecture
Security Operations
Security Engineering & Cryptography
Governance, Risk, & Compliance
General Knowledge
100

This component of security architecture defines the rules, policies, and procedures that govern the protection of an organization's assets and data.

What is security policy?

100

This term refers to the process of continuously monitoring and analyzing security events to detect and respond to potential threats.

What is security monitoring?

100

This cryptographic algorithm, named after its creators, is widely used for secure communication over the internet.

What is RSA?

100

This governance principle emphasizes the importance of defining clear roles and responsibilities for security decision-making and oversight.

What is accountability?

100

This component of a security policy defines the specific actions that should be taken in response to a security incident.

What is an Incident Response Plan?

200

This term refers to the process of identifying and categorizing assets, assessing vulnerabilities, and implementing controls to protect against threats.

What is risk assessment?

200

This security operations concept involves the use of automated tools and processes to streamline incident response and remediation.

What is Security Orchestration, Automation, and Response (SOAR)?

200

This cryptographic technique uses two keys - a public key for encryption and a private key for decryption.

What is asymmetric encryption?

200

This process involves identifying and assessing potential risks to an organization's assets, operations, and reputation.

What is risk management?

200

This type of penetration testing simulates an attack from an external threat actor trying to gain unauthorized access to an organization's systems.

What is Black Box Testing?

300

This security architecture model emphasizes defense-in-depth, segmentation, and least privilege access control.

What is the Zero Trust model?

300

This framework provides guidelines and best practices for establishing and maintaining an effective security operations center (SOC).

What is the NIST Cybersecurity Framework?

300

This security engineering principle involves designing systems with security in mind from the start, rather than adding it as an afterthought.

What is security by design?

300

This regulatory standard outlines requirements for protecting electronic protected health information (ePHI) in the healthcare industry.

***DAILY DOUBLE***

What is the Health Insurance Portability and Accountability Act (HIPAA)?

300

This security concept involves ensuring that data is only accessible by authorized users and processes.

What is data confidentiality?

400

This technology is commonly used in security architecture to monitor and analyze network traffic for suspicious activity.

What is Intrusion Detection System/Intrusion Prevention System?

400

This term refers to the process of investigating security incidents to determine the cause, extent of damage, and appropriate response actions.

What is incident response?

400

This type of cryptographic attack involves analyzing patterns in encrypted data to uncover the original plaintext or encryption key.

What is a known plaintext attack?

400

This governance framework outlines best practices for establishing and maintaining effective IT governance within an organization.

What is COBIT - Control Objectives for Information and Related Technologies?

400

This security protocol is used to secure remote access connections by creating a secure tunnel between a client and a network.

What is VPN - Virtual Private Network?

500

This concept in security architecture emphasizes the importance of designing security controls to be resilient and able to withstand attacks.

What is security resilience?

500

This security operations strategy involves sharing threat intelligence and collaborating with other organizations to improve cybersecurity defenses.

What is threat information sharing?

500

This security engineering principle involves designing systems to limit the impact of security breaches and prevent attackers from moving laterally within a network.

What is the principle of least privilege?

500

This governance framework provides a structured approach to managing and improving an organization's information security program.

What is the ISO/IEC 27001 standard?

500

This security model is based on the concept of separating information into different security domains to prevent unauthorized access.

What is the Bell-LaPadula model?