CyberSec (03 handout 1 IT infrastructure)
Refers to any group of users, workstations, devices, printers, computers, and database servers that share different types of data via network resources.
Domain
User Domain
Network Domain
Lan Domain
This covers all the users that have access to the other domains.
User Domain
LAN Domain
WAN Domain
LAN/WAN Domain
It is a computer of an individual user where the production takes place.
Workstation Domain
User Domain
LAN Domain
WAN Domain
This contains all of the workstation, hubs, switches, and routers. This is also a trusted zone.
LAN Domain
WAN Domain
LAN/WAN Domain
System/Application Storage Domain
It consists of the Internet and semi-private lines.
WAN Domain
LAN/WAN Domain
LAN Domain
System/Application Storage Domain
It is the boundary between the trusted and untrusted zones. The zones are filtered with a firewall.
User Domain
Workstation Domain
System/Application Storage Domain
Remote Access Domain
This domain is made up of user-accessed servers such as e-mail and database.
System/Application Storage Domain
Remote Access Domain
WAN Domain
LAN/WAN Domain
User Domain Risk (Find wrong ans)
User can destroy data in the application (intentionally or not) and delete all.
User can use the password to delete his/her file.
User can insert infected CD or flash drive into the computer.
User can penetrate an IT infrastructure and gain access to the internal network.
Workstation Domain (Find wrong ans)
The workstation's operating system can have a known software vulnerability that allows a hacker to connect remotely and steal data.
A workstation's browser can have a software vulnerability, which allows unsigned scripts to install malicious software silently.
A workstation's hard drive can fail to cause loss of data.
A workstation's can spread through the LAN and infect all computers in it.
Lan Domain (Find wrong ans)
A work can spread through the LAN and infect all computers in it.
LAN server OS can have a known software vulnerability.
An unauthorized user can access the organization's workstations in a LAN.
The LAN provider can have a major network outage.
Wan Domain (Find wrong ans)
The service provider can have a major network outage.
Server can receive a Denial of Service (DOS) or Distributed Denial of Service (DDOS) attack.
A file transfer protocol (FTP) can allow anonymously uploaded illegal software.
A DOS provider can cripple the organization's e-mail.
LAN/Wan Domain (Find wrong ans)
A hacker can penetrate an IT infrastructure and gain access to the internal network.
A firewall with unnecessary ports open can allow access from the Internet.
A file transfer protocol (FTP) can allow anonymously uploaded illegal software.
A DOS attack can cripple the organization's e-mail.
System/Application Storage Domain (Find wrong ans)
A fire can destroy primary data.
A DOS attack can cripple the organization's e-mail.
A database server can be attacked by SQL injection, corrupting the data
A firewall with unnecessary ports open can allow access from the Internet.
Remote Access Domain (Find wrong ans)
Communication circuit outage can deny connection.
Remote communication from the office can be unsecured.
A fire can destroy primary data.
A work can spread through the LAN and infect all computers in it.
Is defined as a sub-network that is made up of servers and clients-each of which is controlled by a centralized database.
LAN Domain
WAN Domain
Remote Access Domain
Expansion Domain
Is a communications network that spans a large geographic area such as cities, states, or countries. It can be private to connect parts of a business, or it can be more public to connect smaller networks.
LAN Domain
WAN Domain
Remote Access Domain
VPN technology
Enables remote users to access files and other system resources on any devices or servers that are connected to the network at any time, increasing employee productivity and enabling them to better collaborate with colleagues around the world.
Remote access domain
LAN Domain
WAN Domain
Workstation Domain
Access strategy also gives organizations the flexibility to hire the best talent regardless of location, remove silos, and promote collaboration between teams, offices, and locations.
Remote access domain
WAN Domain
LAN Domain
VPN technology
Was developed as a way to enable remote users and branch offices to log into corporate applications and other resources securely.
VPN technology
Remote access domain
LAN Domain
WAN Domain
A piece of software called "VPN client" is installed in the end user's computer and is configured with details about the target network, such as the gateway IP address and a pre- shared security key.
IP security VPN (IPsec VPN)
Microsoft DirectAccess
VPN technology(VPT)
Secure Socket Layer VPN (SSL VPN)
Is a common encryption technology that is widely used to provide secure communication on the Internet.
Secure Socket Layer VPN (SSL VPN)
IP security VPN (IPsec VPN)
VPN technology(VPT)
Microsoft DirectAccess
Is a relatively new player to the remote access arena that was not developed by a firewall manufacturer
Microsoft DirectAccess
Secure Socket Layer VPN (SSL VPN)
IP security VPN (IPsec VPN)
VPN technology(VPT)
This consists of all of a business' mission-critical systems, applications, and data.
System/Application Domain
LAN/WAN Domain
Unauthorized Physical Access
Workstation Domain
It is important to ensure that this domain is secure at all times. Otherwise, a business could easily lose large amounts of sensitive information as well as face the threat of having productivity come to a halt.
System/Application Domain
LAN/WAN Domain
Unauthorized Physical Access
Workstation Domain
ERP meaning
Enterprise Resource Planning
Enterprise Resource Planting
Enterprise Recalling Planning
Enterprise Recalling Planting
System/Application attacks are generalized into three (3) categories: (Find wrong ans)
Denial or destruction
Alteration
Disclosure
Forced
This can be defined as "gaining access to a physical entity or area without permission from an administrative figure."
Unauthorized Physical Access
System/Application Domain
Workstation Domain
LAN/WAN Domain
This threat is especially dangerous when the targets are sensitive areas such as computer rooms, data centers, or wiring
Unauthorized Physical Access
Unauthorized Logical Access
Software Vulnerabilities
Data Loss
This is nearly identical to unauthorized physical access, except it is not limited to tangible data.
Unauthorized Physical Access
Unauthorized Logical Access
Software Vulnerabilities
Data Loss
This is a flaw that exists in the programming of a software component or system that allows a malicious attacker to gain unauthorized access to that system through an exploit.
Software Vulnerabilities
Unauthorized Logical Access
Unauthorized Physical Access
Server Vulnerabilities
These vulnerabilities can be exploited through malicious software known as "malware" that is accidentally executed on the system by a user or more directly exploited by an attacker.
Software Vulnerabilities
Server Vulnerabilities
Unauthorized Logical Access
Unauthorized Physical Access
Are similar to software vulnerabilities on non-server systems with the exception that software vulnerabilities that can exist on servers have the potential to be even more damaging.
Server Vulnerabilities
Software Vulnerabilities
Data Loss
Reducing Risk
Includes any information stored digitally on a computing system or network.
Data
Data Loss
Server Vulnerabilities
Server
Occurs when any stored data is destroyed.
Data Loss
Reducing Risk
Server Vulnerabilities
Software Vulnerabilities
Considered the greatest risk to the system/application domain because the goal of these systems is to allow users to create, store, retrieved, and manipulate data.
Data Loss
Reducing Risk
Server Vulnerabilities
Software Vulnerabilities
The most common preventative measure is to perform backups of all data.
Data Loss
Reducing Risk
Server Vulnerabilities
Software Vulnerabilities
(Find right ans) Reducing Risk, the following suggestions should be taken into consideration to reduce risks associated with the system/application domain:
Physically secure areas containing sensitive systems.
Implement encryption and data handling standards.
Minimize data access.
Back up data.
(Find wrong ans) Reducing Risk, the following suggestions should be taken into consideration to reduce risks associated with the system/application domain:
Be aware of all applications on the network.
Plan, configure, maintain, and improve network servers.
Develop and implement standards.
Read and understand the provided Acceptable Use Policy.
Report suspected IT policy violations to the supervisor.
A fire can destroy primary data
Refers to the code of responsible behavior on the Internet.
Cyber ethics
Cyberbully
Human Rights
Public Services
(Find right ans) Considerations when determining responsible behavior
Do not use rude or offensive language.
Do not cyberbully.
Do not plagiarize.
Do not break into someone else's computer.
(Find wrong ans) Considerations when determining responsible behavior
Do not use someone else's password.
Do not attempt to infect or in any way try to make someone else's computer unusable.
Adhere to copyright restrictions when downloading material from the Internet, including software, games, movies, or music.
Do not be responsible
(Find right ans) Ethics Manifesto by Gerd Leonhard focuses on five (5) specific human rights that he believes could be endangered if people don't have an ethical framework to guide them.
The right to remain natural
The right to be inefficient if and where it defines our basic humanities
The right to disconnect
The right to be anonymous
The right to employ or involve people instead of machines
(Find wrong ans) The Code of Ethics for Information Security Professional is derived from the Unified Framework for Information Security Professionals, which emphasizes these three (3) core ethic values:
Integrity
Objectivity
Professional Competence and Due Care
Values
{"name":"CyberSec (03 handout 1 IT infrastructure)", "url":"https://www.quiz-maker.com/QPREVIEW","txt":"Refers to any group of users, workstations, devices, printers, computers, and database servers that share different types of data via network resources., This covers all the users that have access to the other domains., It is a computer of an individual user where the production takes place.","img":"https://www.quiz-maker.com/3012/images/ogquiz.png"}
More Quizzes
Sunced Frosthold Quiz
241233
FCPS Late Start Policy
100
Do you have any recommendations in new papers today?
100
Pet and House Sitting Quiz
26130
BCC July Quiz
1167
Sarah-Joy, Sammi, Metaxia
1050
Space
740
Har du potentiale som ejendomsmægler?
1050
The MUSIC dance club would like to provide the berst possible dance venue for swing dancing. Please vote for the dance venue of your choice. Thank you for your participation.
210
Do u know Max really good?
422113
The Outlander Quiz
7426
Qual Jor18 você é?
32160