9 - Security Solutions for Infrastructure Manage
System Isolation (Air Gap)
A network or single host computer with special security requirements may have to be physically separated from any other network. This creates many management issues, however, and so is only done rarely. Logical isolation of a single host could be achieved using a firewall or requiring other hosts to connect to the isolated host over a virtual private network (VPN), where the connecting hosts can be authenticated.
Software-Defined Networking (SDN)
A newly emerging computer networking architecture. Its main distinguishing factor is the separation of the data plane from the control plane in routers and switches. In other words, the control is decoupled from hardware and implemented in software. Under this architecture, the implementation of the control plane is via software within the servers and is separate from networking equipment, while the data plane is implemented within networking hardware or equipment. The best example of this architecture is OpenFlow.
Secure Boot
A security system offered by UEFI. It is designed to prevent a computer from being hijacked by a malicious OS. UEFI is configured with digital certificates from valid OS vendors. The system firmware checks the operating system boot loader using the stored certificate to ensure that it has been digitally signed by the OS vendor. This prevents a boot loader that has been changed by malware (or an OS installed without authorization) from being used.
IAM Log Review: Unscheduled changes to the system's configuration
An attacker may try to adjust the system's configuration in order to open it up to additional methods of compromise, like adding a backdoor for the attacker to exfiltrate data.
IAM Monitoring and Logging typical categories
Account log-on and management events. Process creation. Object access (file system/file shares). Changes to audit policy. Changes to system security and integrity (anti-virus, host firewall, and so on).
DAC: Role-Based Access Control (RBAC)
Adds an extra degree of administrative control to the DAC model. A set of organizational roles are defined, and users are allocated to those roles. Under this system, the right to modify roles is reserved to administrative accounts. Therefore, the system is nondiscretionary, as each user has no right to modify the ACL of a resource, even though they may be able to change the resource in other ways. Users are said to gain rights implicitly (through being assigned to a role) rather than explicitly (being assigned the right directly).
IAM Log Review: Multiple consecutive authentication failures
Although a legitimate user may forget their password, this could also indicate a password-cracking attempt by an unauthorized user.
eFUSE
An Intel-designed mechanism to allow a software instruction to blow a transistor in the hardware chip. One use of this is to prevent firmware downgrades, implemented on some games consoles and smartphones. Each time the firmware is upgraded, the updater blows an ______. When there is a firmware update, the updater checks that the number of blown _______ is not less than the firmware version number. Another use is one-time programming (OTP), which is used to seal cryptographic keys and other security information during the firmware development process. OTPs can also use a newer technology called antifuse.
What type of policy might include or supplement a BYOD policy?
An acceptable use policy.
Field Programmable Gate Array (FPGA)
An integrated circuit that can be programmed or reprogrammed to the required functionality or application after manufacturing. Important characteristics include lower complexity, higher speed, volume designs and programmable functions.
Jumpbox
Only runs the necessary administrative port and protocol (typically SSH). Administrators connect to this then use the it to connect to the admin interface on the application server. The application server's admin interface has a single entry in its ACL and denies connection attempts from any other hosts. This could be implemented as a separate server or as a virtual machine (VM).
DAC: Mandatory access control (MAC)
Based on the idea of security clearance levels. Rather than defining access control lists on resources, each object and each subject is granted a clearance level, referred to as a label. If the model used is a hierarchical one (that is, high clearance users are trusted to access low clearance objects), subjects are only permitted to access objects at their own clearance level or below. Alternatively, each resource and user can be labeled as belonging to a domain (compartmentalized).
Self-Encrypting Drives (SED)
Can be protected by software-based encryption. There are both file-level and drive-level schemes. One of the drawbacks of software-enforced encryption is that, because the OS performs the cryptographic operations, performance takes a hit. This issue is mitigated by _________, where the cryptographic operations are performed by the drive controller. It uses a media encryption key (MEK) to encrypt data and stores the MEK securely by encrypting it with a key encryption key (KEK), generated from the user password.
Secure Processing: Atomic execution
Certain operations, such as to initialize a memory location, should only be performed once or not at all. One of the functions of a secure enclave is to ensure that malicious code does not try to reuse or hijack an atomic execution operation to create some sort of race condition or buffer overflow that transfers control of a process to the malicious code or allows it to inspect a memory location it should not be able to access.
IAM Monitoring and Logging: Accounting for all actions that have been performed by users.
Change and version control systems depend on knowing when a file has been modified and by whom. Also provides for non-repudiation (that is, a user cannot deny that they accessed or made a change to a file). Behavior recorded by access logs that differs from expected behavior may indicate anything from a minor security infraction to a major incident. The main problems are that auditing successful access attempts can quickly consume a lot of disk space, and analyzing the logs can be very time-consuming.
Provisioning
Creating an account and giving a user authorization to use a particular application or file
IAM Tasks
Creating and deprovisioning accounts (onboarding and offboarding). Managing accounts (resetting user passwords, updating certificates, managing permissions and authorizations, and synchronizing multiple identities). Auditing account activity. Evaluating identity-based threats and vulnerabilities. Maintaining compliance with regulations.
Change Management
Each individual network component should have a separate document or database record that describes its initial state and all subsequent changes. This document should include configuration information, a list of patches applied, backup records, and even details about suspected breaches. Printouts of hash results, last modification dates of critical system files, and contents of log files may be pasted into this asset documentation.
What administrative control(s) will best reduce the impact of an attack where a user gains control over an administrator's account?
Ensure accounts are configured with the least privileges necessary. This makes it less likely that a "root" or "domain admin" account will be compromised. Use logging and separation of duties to detect intrusions.
MFA: Biometric
Fingerprint or face recognition scanners are now straightforward to deploy to users. Mechanisms such as retina or iris scanning are harder to spoof but are most costly to deploy. Password-based credentials might be allowed as a backup authentication mechanism. Two-step verification and/or location-based conditional access might be used as a multifactor mechanism.
You are working for a small company. The owner wants to replace a server with a second-hand device sourced from an eBay vendor. You caution that the lack of vendor due diligence means there is some risk from this approach. The business owner retorts that the savings are well worth the minimal risk. Should you continue to object to the acquisition, or can another risk mitigation strategy be applied?
Firmware-based exploits are relatively difficult to develop, so the owner is probably correct that there is little risk of a small company such as yours being targeted. That said, any larger companies that your firm contracts may take a different view. You can mitigate the risk by ensuring that the firmware is replaced and all disks sanitized before the server is put into production.
SDN: Data Plane
Handles the actual switching and routing of traffic and imposition of access control lists (ACLs) for security.
Certificate Management Task: Installing, updating, and validating trusted root certificates
Historic data breaches have used compromised CA root certificates or other lax controls by trusted CAs. It is essential to remove compromised root certificates from client machines promptly.
Physical Segmentation
If an Ethernet switch is deployed in unmanaged mode, each host connected to the switch is locally connected to all the other hosts. In this type of network, one switch would be deployed for each such segment. If there were more hosts than switch ports in the segment, the switches could be connected together. If communication between segments was needed, the switches serving each segment would be connected to a router. The router can be configured with an access control list (ACL) to apply logical rules to traffic passing between segments.
Secure Processing: Bus encryption
If data on a mass storage device is encrypted, and the application developer has made use of a secure enclave to secure the key, an additional avenue of attack can occur when the data is transferred to another device over a bus, such as PCIe, USB, or HDMI. Ensures that the device at the end of the bus is trusted to decrypt the data. Often deployed to secure the use of digital rights management (DRM) mechanisms. For example, a DRM-protected Blu-ray disc is only playable if the TV or monitor supports High-bandwidth Digital Content Protection (HDCP).
Secure Processing: Secure enclave
If the OS is trusted, the extensions allow a trusted process to create an encrypted container for sensitive data. This makes attacks such as buffer overflow impossible to achieve. A typical usage would be for an application to use a ________ to store encryption keys. To create a __________, the software developer must obtain a key from the CPU vendor to use to identify the trusted process.
Why might manual review of authentication logs be required as part of reviewing security architecture?
If unauthorized access is suspected but has not been flagged by SIEM (discover and eliminate false negatives).
Hardware Source Authenticity
In terms of procurement, organizations should ensure _______ by purchasing from reputable suppliers, and not from second-hand or aftermarket sources, where there is a greater risk of inadvertently obtaining counterfeited or compromised devices.
You want to provide controlled remote access to the remote administration interfaces of multiple servers hosted on a private cloud. What type of segmentation security solution is the best choice for this scenario?
Installing a jumpbox as a single point of entry for administration of servers within the cloud is the best choice for this requirement.
Demilitarized Zones (DMZs)
Internet-facing hosts are usually placed in this. This also referred to as a perimeter network. Traffic cannot pass through it directly. Everything behind this is invisible to the outside network. Servers that supply extranet or public access services should be placed in one or more of these. These would typically include web servers, mail and other communications servers, proxy servers, and remote access servers. The hosts in a _______ are not fully trusted by the internal network because of the possibility that they could be compromised from the Internet. They are referred to as bastion hosts.
Identity and Account Type: Software
Like servers, applications and services can be uniquely identified in the organization through digital certificates. This helps the client verify the software's provenance before installation. As with servers, the security of the entity that issued the certificate is paramount. One unique issue with applications is how to determine which other entities are allowed to run certain apps. Services like Windows AppLocker enforce identity policies that either allow or disallow a client from running a specific app based on the app's identity and the client's permissions.
SDN: Control Plane
Makes decisions about how traffic should be prioritized and secured, and where it should be switched.
Manual Provisioning
Means that the account is configured by an administrator on the service provider's site. This is obviously labor intensive and propagating changes is slow.
Automatic Provisioning
Means that users are enrolled with the service provider without intervention. For example, the network administrator might create a "Sales" group and specify that any user added to the "Sales" group will automatically gain log-on rights to the CRM cloud service. Changes in account status and application authorizations are communicated between the two sites using some sort of protocol.
Multifactor Authentication (MFA)
Mechanisms are designed to replace the use of simple passwords, or to make them more secure against abuse. Two-step verification Biometric Certificate-based Location-based
Identity and Account Type: Servers
Mission-critical systems can use encryption schemes, like a digital certificate, to prove their identity and establish trust. The most pressing issue with digital certificates is the security of the entity that issued the certificate. If this entity is compromised, then the identity of the server may not be verifiable. This is often why organizations buy certificates from major certificate authorities rather than establish their own public key infrastructure (PKI) or use self-signed certificates. In the case that the organization does run its own PKI, the root certificate authority (CA) and private key must be guarded closely.
SDN: Management Plane
Monitors traffic conditions and network status.
Virtual Private Networks (VPN)
Most companies use remote access mechanisms and __________ to allow hosts physically located outside the local network to access resources inside the network. These are enabled by protocols such as IPsec, Secure Shell (SSH), and Transport Layer Security (TLS). Use of these need to be subject to authentication and accounting mechanisms. They can be deployed in many other circumstances to provide a secure tunnel between two hosts or sites over an untrusted network. For example, this might be used to connect hosts on a local network to resources hosted by a cloud provider.
Access Control Lists (ACLs)
Network traffic between zones is controlled, using a security device, typically a firewall. The firewall enforces an ________ that, in its most basic form, records IP addresses and ports that are allowed or denied access to the segment.
Code of Conduct for privileged users
Only use privileges to perform authorized job functions. Protect the confidentiality and integrity of personal account credentials, plus any shared accounts that the privileged user has access to. Be aware of and in compliance with any legal and regulatory issues that affect data processing, especially as regards PII, SPI, and HPI. Respect the privacy of other network users.
Active Defense
Refers to controls that perform some type of counterattack. Means an engagement with the adversary, but this can be interpreted in several different ways. One type of involves the deployment of decoy assets to act as lures or bait. It is much easier to detect intrusions when an attacker interacts with a decoy resource, because you can precisely control baseline traffic and normal behavior in a way that is more difficult to do for production assets.
You are devising a password policy that is compliant with NIST 800-63b guidelines. Which factors for employee password creation are most important to enforce through system rules?
Prevent the use of dictionary words and repetitive strings, and set a minimum length of at least eight characters. The use of complexity rules (required use of mixed case, symbols, and so on) is deprecated.
Vendor Due Diligence
Properly resourced and implemented cybersecurity risk management program. Security assurance and risk management for development and manufacturing processes, including removal of any development backdoors or other undocumented access channels. Product support life cycle, including update and security monitoring processes. Security controls for any confidential data that the supplier's systems have access to. Assistance with incident response and forensics investigations. General and historical company information, such as financial and regulatory reliability, market approval, historic breaches, and so on.
Federation
Provides a shared sign-on capability across multiple systems and enterprises. It connects the identity management services of multiple systems. In business, a company might need to make parts of its network open to partners, suppliers, and customers, and likewise have parts of their networks open to its staff.
Virtual Segmentation
Provisioning separate switches and routers to enforce physical segmentation is relatively expensive and makes reconfiguration of the network difficult. Most network segmentation is implemented using the virtual LAN (VLAN) feature of modern switches. For example, when a host is assigned to a VLAN—typically because the switch port that it is connected to has been assigned a discrete VLAN ID—the switch restricts it to seeing packets designated for that VLAN. To communicate outside the VLAN, the host must use a router, and a router equipped with a firewall can apply more rules to what it allows in and out.
What mechanism can be used to prove the identity of hosts and software applications?
Public key infrastructure (PKI) cryptography—issuing hosts and signing executable code with digital certificates.
IAM Monitoring and Logging: Detecting intrusions or attempted intrusions
Records of failure-type events are likely to be more useful, though success-type events can also be revealing if they show unusual access patterns.
Physical Network Architecture
Refers to the cabling, switch ports, router ports, and wireless access points that supply cabled and wireless network access and connectivity. An adversary with access to physical infrastructure can launch any number of eavesdropping, man-in-the-middle, DoS, and data exfiltration attacks. Such attacks are defeated using physical security controls, such as inspections, guards, lockable doors, and so on. Endpoint security can be deployed so that hosts are allowed to connect to the network only if they have been successfully authenticated.
Virtual Desktop Infrastructure (VDI)
Refers to using a VM as a means of provisioning corporate desktops. When a client machine starts, it boots a minimal OS, allowing the user to log on to a VM stored on the company server infrastructure. The user makes a connection to the VM using a remote desktop protocol (Microsoft Remote Desktop or Citrix ICA, for instance). The thin client has to find the correct image and use an appropriate authentication mechanism. There may be a 1:1 mapping based on machine name or IP address, or the process of finding an image may be handled by a connection broker.
Which network architecture security solution for infrastructure management has been omitted from the following list, and what is its purpose? Physical, software-defined, virtual private cloud, serverless.
Remote access virtual private networks (VPN) allow hosts on an external network to connect to resources on the local network over a public network, such as the Internet. Use of VPN ports and remote dial-in privileges need to be subject to authentication and accounting mechanisms. VPNs can also be used to secure traffic between hosts and between sites.
Deprovisioning
Removing the authorization or disabling the account
Account Management Risk: Privileged accounts
Research has shown that administrative staff often adopt poor credential management (choosing bad passwords, sharing passwords, writing down passwords, and reusing passwords on third-party sites). Administrators are often granted too many privileges or abuse accounts with "super" privileges for routine log-ons. Ensure that privileged accounts are very tightly audited.
What is the difference between secure boot and measured boot?
Secure boot checks that the OS has a valid digital signature from a trusted OS vendor. Measured boot transmits an attestation report of key boot metrics and logs to a server for validation.
Acceptable Use Policy (AUP)
Sets out what someone is allowed to use a particular service or resource for. Such a policy might be used in different contexts. For example, this could be enforced by a business to govern how employees use equipment and services (such as telephone or Internet access) provided to them at work. Another example might be an ISP enforcing a fair use policy governing usage of its Internet access services.
Honeypot
Traps attackers in an isolated environment where they can be monitored and kept from compromising systems in production. Tricks the attacker into believing that they are causing actual damage to the system, which enables the security team to analyze the attacker's behavior. This can help the security team find the source of the attack and take more comprehensive steps to completely eradicate the threat from the organization.
Certificate Management Task: Preventing use of self-signed certificates
Some appliances still ship with these certificates. Network administrators may also be tempted to use these certificates to set up a service quickly. They are highly vulnerable to man-in-the-middle attacks, where an adversary able to intercept the network traffic replaces the device certificate with one of their own choosing and is able to view the packets in the clear. As the decision to trust a self-signed certificate lies entirely with the user, it is easy for the attacker to submit a faked certificate with spoofed subject fields.
Discretionary Access Control (DAC)
Stresses the importance of the owner. The owner is originally the creator of the resource, though ownership can be assigned to another user. The owner is granted full control over the resource, meaning that he or she can modify its ACL to grant rights to others. As the most flexible model, it is also the weakest because it makes centralized administration of security policies the most difficult to enforce. It is also the easiest to compromise as it is most vulnerable to insider threats.
Identity and Account Type: Roles
Support the identities of various assets—everything from personnel to software—by defining the resources an asset has permission to access based on the function that asset fulfills. Can be tied to a user's job tasks (such as administrator), a server's main functionality (name resolution, for instance), the service an application provides (publishing, for example), and much more. The main issue with this identity is that poorly defined roles can lead to privilege creep, violating the principle of least privilege and increasing an entity's chance at being a vector for attack. Thorough and meaningful role definitions are the most important remedy for this issue.
DAC: Attribute-Based Access Control (ABAC)
The most fine-grained type of access control model. System is capable of making access decisions based on a combination of subject and object attributes, plus any context-sensitive or system-wide attributes. As well as group/role memberships, these attributes could include information about the OS currently being used, the IP address, or the presence of up-to-date patches and anti-malware. System could monitor the number of events or alerts associated with a user account or with a resource, or track access requests to ensure they are consistent in terms of timing of requests or geographic location.
Containerization
The OS defines isolated "cells" for each user instance to run in. Each cell or container is allocated CPU and memory resources, but the processes all run through the native OS kernel. These containers may run slightly different OS distributions but cannot run guest OSes of different types (you could not run Windows or Ubuntu in a RedHat Linux container, for instance). Alternatively, they might run separate application processes, in which case the variables and libraries required by the application process are added to the container. From a security perspective, these on the same host are unable to directly interface with one another, which means that a compromise of one container won't spread to another. However, an attacker who can compromise the host OS will be able to directly compromise all of them.
Trusted Foundry Program
The US Department of Defense (DoD) has set up a __________, operated by the Defense Microelectronics Activity (DMEA). Accredited suppliers have proved themselves capable of operating a secure supply chain, from design through to manufacture and testing.
Measured Boot
The capability to transmit an attestation report containing a boot log to an external server, such as a network access control server. The boot log can be analyzed for signs of compromise, and the host can be prevented from accessing the network if it does not meet the required health policy.
MFA: Location-based
The device's IP address or location services can be used as an authentication factor. If the device or location is not within an approved area, access will be denied.
Zones
The main unit of a logically segmented network. This is an area of the network (or of a connected network) where the security configuration is the same for all hosts within it.
Identity and Access Management (IAM)
The process of protecting how users and devices are represented in the organization, as well as how users and devices are granted access to resources based on this representation.
What requirements must be met for an app to make use of a secure enclave?
There must be CPU support for security extensions, the host must be running a trusted OS, and the app developer must have obtained a digital signature from the CPU vendor.
Secure Processing: Trusted execution
To initialize security functions, the CPU's security extensions invoke a TPM and secure boot attestation to ensure that a trusted operating system is running.
Account Management Risk: Shared accounts
Typically, simple SOHO networking devices do not allow for the creation of multiple accounts, and a single "Admin" account is used to manage the device. Such a shared account, where the password (or other authentication credential) is known to more than one person, breaks the principle of nonrepudiation and makes an accurate audit trail difficult to establish.
You are advising a small company on cybersecurity. Employees have formed the habit of bringing personal devices into the workplace and attaching them to the network, which has been the cause of several security incidents. As a small company, authorized IT devices are drawn from a wide range of makes and models, making identification of rogue devices difficult. What solution do you suggest to make inspection of the IT infrastructure simpler?
Use asset tagging to identify authorized devices. This will also assist the company in building an inventory of assets and ensuring more effective configuration and change management.
Active Defense Annoyance Strategies
Using bogus DNS entries to list multiple hosts that do not exist. Configuring a web server with multiple decoy directories or dynamically generated pages to slow down scanning. Using port triggering or spoofing to return useless data when a host detects port scanning activity. This will result in multiple ports being falsely reported as open and will slow down the scan.
In the context of federated identity management, what is automated provisioning?
Using software to communicate changes in account status and authorizations between systems rather than having an administrator intervene to do it manually.
MFA: Two-step verification
When the user authenticates via his or her password, an additional code is sent to a trusted device or service. Once used, the code can normally be cached on the local device for a few days to simplify log-on procedures. Note that if combined with a user password, this is not technically multifactor, as the verification code is a secondary password that could be intercepted before it is delivered to the trusted device or account.
Certificate Management Task: SSH key management
While a different mechanism to PKI digital certificates, cryptographic key pairs are used as a means of logging on to hosts over __________ without having to input a password. Improper management of these keys has been the cause of numerous data breaches and web server compromises
Privileged User Agreement (PUA)
A document a company requires their privileged users to sign that voices their specific concerns and requirements.
Physically Unclonable Function (PUF)
A physical object that for a given input and conditions (challenge), provides a physically defined "digital fingerprint" output (response) that serves as a unique identifier, most often for a semiconductor device such as a microprocessor. Most often based on unique physical variations which occur naturally during semiconductor manufacturing. A physical entity embodied in a physical structure. Are usually implemented in integrated circuits and are typically used in applications with high security requirements, more specifically cryptography.
Hardware Security Module (HSM)
A secure crypto processor focused on providing cryptographic keys and also provides accelerated cryptographic operations by means of these keys. IT acts as a trust anchor and provides protection for identities, applications and transactions by ensuring tight encryption, decryption and authentication for a variety of applications. Includes protection features such as physical tamper resistance and strong authentication. Although it's physically isolated like smart cards and back tapes, it provides a greater level of security as it does not have an operating system and is thus virtually invulnerable to attacks over a network.
Hardware Root of Trust (RoT)
A secure subsystem that is able to provide attestation (declare something to be true).
IAM Log Review: Manual Review
A system of __________ needs to be put in place so that account usage and privileges are audited regularly. Auditing would include monitoring group membership and reviewing access control lists for each resource, plus identifying and disabling unnecessary accounts.
Trusted Platform Module (TPM)
A type of cryptoprocessor. A specification for hardware-based storage of digital certificates, cryptographic keys, hashed passwords, and other user and platform identification information. This implemented either as part of the chipset or as an embedded function of the CPU. Each microprocessor is hard coded with a unique, unchangeable asymmetric private key called the endorsement key. This endorsement key is used to create various other types of subkeys used in key storage, signature, and encryption operations.
Single Sign-On (SSO)
A user only has to authenticate to a system once to gain access to all the resources to which the user has been granted rights. An example is the Kerberos authentication and authorization model. This means, for example, that a user who is authenticated with Windows is also authenticated with the Windows domain's SQL Server and Exchange Server services. The advantage is that each user does not have to manage multiple user accounts and passwords. The disadvantage is that compromising the account or account token also compromises multiple services.
What type of system isolation ensures that the host is physically disconnected from any network?
An air gap.
IAM Log Review: Sequencing errors or gaps in the event log
An attacker may try to cover their tracks by deleting portions of the log or modifying the log so that it tells a different story than what happened.
Certificate Management Task: Deploying, updating, and revoking subject certificates
In this context, management of certificates issued to software code developers must be very closely monitored to prevent unauthorized use of the developer's credentials.
Identity and Account Type: Endpoints
The devices that people use to gain legitimate access to your network are varied and often difficult to account for. Centralized endpoint management solutions can assign identity profiles to known endpoints—this allows validated devices to connect with the requisite privileges and identifying information. Likewise, the solution may assign unknown endpoints to a specific, untrusted profile group that has few privileges. Endpoints are often identified by their MAC address, but keep in mind that this can be easily spoofed. A more secure system issues digital certificates to trusted endpoints, but it is a significant management task to support certificates on all client devices.
Identity and Account Type: Personnel
The most common use for IAM is to define identities for organizational employees. These identities are among the most popular attack vectors. People are often careless with the privileges they're given and may fail to understand how the personal information attached to their identities can be used against them and the organization. End-user security training is vital to ensure that personnel user accounts are not a major weak point in the IAM system.
Asset Tagging
There are many software suites and associated hardware solutions available for tracking and managing assets (or inventory). An asset management database can be configured to store as much or as little information as is deemed necessary, though typical data would be type, model, serial number, asset ID, location, user(s), value, and service information. Tangible assets can be identified using an _________. This could be a barcode label or Radio Frequency ID (RFID) tag attached to the device (or more simply using an identification number). An RFID ______ is a chip programmed with asset data. When in range of a scanner, the chip powers up and signals the scanner.
Secure Processing: Processor security extensions
These are the low-level CPU changes and instructions that enable secure processing. AMD refers to their technology as Secure Memory Encryption (SME) and Secure Encrypted Virtualization (SEV) Intel refers to their technology as Trusted Execution Technology (TXT) and Software Guard Extensions (SGX).
MFA: Certificate-based
This mechanism means installing a digital certificate to the device(s) used to authenticate, or using a smart card and reader. The certificate is used to create a secure channel between the supplicant and authenticating server. This channel can be used to submit a user credential, such as a PIN or password. Alternatively, use of the certificate may be controlled by a PIN.
Your company is developing a learning management system (LMS) app for provision as a hosted system to multiple clients. It is important that each customer's data be segmented from other instances. Which infrastructure security solution is a good choice to meet the requirements of this scenario?
You could deploy each customer's instance as a separate virtual machine (VM), but this would involve additional resources and management. Containerization is an excellent fit for this requirement to deploy a single application within an isolated cell.