Segmenting the Network
Segmenting the network → security practice that divides a network into smaller, isolated segments to limit lateral movement, reduce attack surface, and contain breaches.
ACL
Access control list (ACL) → rule set that explicitly allows or denies network traffic based on criteria such as Internet Protocol address, port number, or protocol.
Application Allow List/Deny List
Application allow list and deny list → security controls that permit only approved applications to run or explicitly block known malicious or unauthorized software.
Mitigation
Mitigation → actions taken to reduce the severity, impact, or likelihood of a security threat or vulnerability rather than eliminating it entirely.
Patching
Patching → process of applying updates to software or systems to fix vulnerabilities, improve stability, and reduce exposure to known attacks.
Encryption
Encryption → security technique that protects data by converting it into unreadable ciphertext, ensuring confidentiality for data at rest and data in transit.
SIEM
Security information and event management (SIEM) → centralized security and event logging software that detects and helps respond to threats.
Least Privilege
Least privilege → access control principle that grants users and systems only the minimum permissions necessary to perform their required tasks.
Configuration Enforcement
Configuration enforcement → posture assessment process that ensures systems remain compliant with approved security baselines and configuration standards.
Decommissioning
Decommissioning → secure process of retiring systems or services by removing access, wiping data, and eliminating unused resources to prevent future exploitation.