Enterprise Environment Security Concepts | CompTIA Security+ SY0-601 | 2.1b

In this video you will learn about enterprise environment security concepts such as: geographical considerations, response & recovery controls, Secure Sockets Layer/Transport Layer Security inspections, hashing, and API considerations.

Geographical Considerations

Geographical considerations are factors that affect the laws & regulations created to address data privacy & digital rights management (DRM).[1]

  • Data Privacy:  the relationship between the collection & dissemination of data, technology, the public expectation of privacy, and the legal & political issues surrounding them.[2]  Data privacy can be challenging since it attempts to use data while protecting an individual’s privacy preferences and personally identifiable information.[3]  The fields of computer security, data security, & information security all design and use software, hardware, and human resources to address this issue.
  • Digital Rights Management (DRM):  Digital rights management is the management of legal access to digital content.  Various tools or technological protection measures such as access control technologies can restrict the use of proprietary hardware and copyrighted works.[4]  DRM technologies govern the use, modification, and distribution of copyrighted works (such as software and multimedia content), as well as systems that enforce these policies within devices.[5]

Response & Recovery Controls

Response & recovery controls are plans that you must have in place in the unfortunate event of a data breach, including the assembly of a team of experts within an organization, as well as legal counsel.[1]  Part of response & recovery controls is using a data forensics team to help determine the source and scope of the breach, in addition to collecting and analyzing evidence to outline remediation steps.[1] 

Secure Sockets Layer (SSL)/Transport Layer Security (TLS) Inspection

Secure Sockets Layer Inspection is the older version of what is now known as Transport Layer Security Inspection (TLSI).  TLSI is a security process that allows organizations to decrypt traffic, inspect the decrypted content for threats, & then re-encrypt the traffic before it enters or leaves the network.[1]  In layman’s terms, you can think of TLSI as Transportation Security Administration workers inspecting the contents of your luggage before you board a plane.

Hashing

Hashing applies an algorithm to data such as a file or message to produce a number called a hash (sometimes called a checksum).  The hash is used to verify that data is not modified, tampered with, or corrupted.  In other words, hashing allows you to verify that the data has maintained its integrity.[6]  Hashing is used in digital signatures, file & message authentication, and as a way to protect the integrity of sensitive data such as data being entered into databases or perhaps entire hard drives.[1]
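The following is an added example, not taken from the video or the cert guide, showing the two uses named above: a plain SHA-256 hash to check that data is unchanged, and a keyed hash (HMAC) for message authentication. The sample record and key are constructed for illustration.

```python
import hashlib
import hmac
import io

def sha256_stream(stream, chunk_size=65536):
    """Hash a file-like object in chunks so large files never load fully into memory."""
    digest = hashlib.sha256()
    for chunk in iter(lambda: stream.read(chunk_size), b""):
        digest.update(chunk)
    return digest.hexdigest()

def verify_integrity(stream, expected_hex):
    """True if the data still hashes to the value recorded when it was known good."""
    return hmac.compare_digest(sha256_stream(stream), expected_hex.lower())

def make_tag(key, message):
    """Keyed hash (HMAC-SHA256): only holders of the key can produce a valid tag."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()

def verify_tag(key, message, tag_hex):
    """Constant-time comparison of the recomputed tag with the received one."""
    return hmac.compare_digest(make_tag(key, message), tag_hex)

if __name__ == "__main__":
    original = b"amount=100;payee=alice\n"   # constructed sample record
    modified = b"amount=900;payee=alice\n"   # one character changed
    recorded = sha256_stream(io.BytesIO(original))

    print("unchanged data verifies:", verify_integrity(io.BytesIO(original), recorded))
    print("modified data verifies: ", verify_integrity(io.BytesIO(modified), recorded))

    key = b"constructed-demo-key"            # constructed key, not a real secret
    tag = make_tag(key, original)
    print("authentic message:      ", verify_tag(key, original, tag))
    print("altered message:        ", verify_tag(key, modified, tag))
```

A plain hash only proves integrity when the reference value is stored or delivered separately from the data, since anyone who can change both can recompute it; the HMAC tag closes that gap because it cannot be recomputed without the key.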

API Considerations

An API is a connection between computers or between computer programs.  It is a type of software interface, offering a service to other pieces of software.[7]  In contrast to a user interface, which connects a computer to a person, an API connects computers or pieces of software to each other.  It is not intended to be used directly by a person (the end user) other than a computer programmer who is incorporating it into software.  Here are some considerations concerning APIs:[1]

  • Secure API services to only provide HTTPS endpoints with a strong version of TLS.
  • Validate parameters in the application & sanitize incoming data from API clients.
  • Explicitly scan for common attack signatures; injection attacks often betray themselves by following common patterns.
  • Use strong authentication & authorization standards.
  • Use reputable & standard libraries to create the APIs.
  • Segment API implementation & API security into distinct tiers; doing so frees up the API developer to focus completely on the application domain.
  • Identify what data should be publicly available & what is sensitive information.
  • If possible, have a security expert do the API code verification.
  • Make internal API documentation mandatory.
  • Avoid discussing company API development (or any other application development) on public forums.
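As an added illustration of the first two considerations (example code, not from the video or the cert guide): an allow-list validator that rejects unknown, missing, or malformed parameters before they reach application logic, plus a server TLS context that refuses anything older than TLS 1.2. The endpoint, parameter names, and limits are hypothetical.

```python
import re
import ssl

# Hypothetical schema for an illustrative order endpoint: every accepted
# parameter is listed with its type and constraint; anything else is rejected.
SCHEMA = {
    "customer_id": (str, re.compile(r"[A-Za-z0-9]{8,16}")),
    "quantity": (int, range(1, 101)),
    "sort": (str, {"asc", "desc"}),
}
REQUIRED = {"customer_id", "quantity"}

def validate_params(params):
    """Return a list of validation errors; an empty list means accept."""
    errors = []
    for name in sorted(set(params) - set(SCHEMA)):
        errors.append(f"unexpected parameter: {name}")
    for name in sorted(REQUIRED - set(params)):
        errors.append(f"missing parameter: {name}")
    for name, (expected_type, rule) in SCHEMA.items():
        if name not in params:
            continue
        value = params[name]
        # Exact type check: bool is a subclass of int and must not pass as one.
        if type(value) is not expected_type:
            errors.append(f"{name}: wrong type")
        elif isinstance(rule, re.Pattern):
            if not rule.fullmatch(value):
                errors.append(f"{name}: bad format")
        elif value not in rule:
            errors.append(f"{name}: out of range")
    return errors

def strict_tls_server_context():
    """Server-side TLS context that will not negotiate below TLS 1.2."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx

if __name__ == "__main__":
    # Constructed sample requests
    print(validate_params({"customer_id": "AB12CD34", "quantity": 3}))
    print(validate_params({"customer_id": "AB12'--", "quantity": 500, "debug": True}))
    print(strict_tls_server_context().minimum_version)
```

Validating against an allow-list of expected names, types, and formats rejects malformed input by default, which is more robust than relying only on matching known attack signatures.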

References

  1. Santos, O.; Taylor, R.; Mlodzianowski, J. CompTIA Security+ SY0-601 Cert Guide.
  2. Michael, M.G. & Michael, K. (2013). Uberveillance and the Social Implications of Microchip Implants: Emerging Technologies.
  3. Vicenc, T. (2017). Data Privacy: Foundations, New Developments and the Big Data Challenge, Studies in Big Data. Springer International Publishing.
  4. Computer Forensics: Investigating Network Intrusions and Cybercrime. Cengage Learning.
  5. Fact Sheet: Digital Rights Management and Technical Protection Measures. Priv.GC.CA.
  6. Hashing. Cybersecurity Glossary.
  7. Reddy, M. (2011). API Design for C++. Elsevier Science.