Was ist das eigentlich? Cyberrisiken verständlich erklärt

Es wird viel über Cyberrisiken gesprochen. Oftmals fehlt aber das grundsätzliche Verständnis, was Cyberrisiken überhaupt sind. Ohne diese zu verstehen, lässt sich aber auch kein Versicherungsschutz gestalten.

Beinahe alle Aktivitäten des täglichen Lebens können heute über das Internet abgewickelt werden. Online-Shopping und Online-Banking sind im Alltag angekommen. Diese Entwicklung trifft längst nicht nur auf Privatleute, sondern auch auf Firmen zu. Das Schlagwort Industrie 4.0 verheißt bereits eine zunehmende Vernetzung diverser geschäftlicher Vorgänge über das Internet.

Anbieter von Cyberversicherungen für kleinere und mittelständische Unternehmen (KMU) haben Versicherungen die Erfahrung gemacht, dass trotz dieser eindeutigen Entwicklung Cyberrisiken immer noch unterschätzt werden, da sie als etwas Abstraktes wahrgenommen werden. Für KMU kann dies ein gefährlicher Trugschluss sein, da gerade hier Cyberattacken existenzbedrohende Ausmaße annehmen können. So wird noch häufig gefragt, was Cyberrisiken eigentlich sind. Diese Frage ist mehr als verständlich, denn ohne (Cyber-)Risiken bestünde auch kein Bedarf für eine (Cyber-)Versicherung.

Wo erhalte ich vollständige Informationen über S90.18A?

Nachfolgend finden Sie alle Details zu Übungstests, Dumps und aktuellen Fragen der S90.18A: Fundamental SOA Security Prüfung.

2024 Updated Actual S90.18A questions as experienced in Test Center

Aktuelle S90.18A Fragen aus echten Tests von Killexams.com - easy finanz | easyfinanz

SOA S90.18A : Fundamental SOA Security Practice Tests

Practice Tests Organized by Richard



Latest 2024 Updated SOA Fundamental SOA Security Syllabus
S90.18A examcollection with Premium PDF and Test Engine

Practice Tests and Free VCE Software - Questions Updated on Daily Basis
Big Discount / Cheapest price & 100% Pass Guarantee




S90.18A examcollection : Download 100% Free S90.18A practice tests (PDF and VCE)

Exam Number : S90.18A
Exam Name : Fundamental SOA Security
Vendor Name : SOA
Update : Click Here to Check Latest Update
Question Bank : Check Questions

If you memorize these S90.18A Actual Questions, you will get full marks.
Killexams.com is a helpful resource for individuals who aim to achieve Full Marks in their exams and advance their careers. By registering and downloading their materials, you can ensure that you pass your Fundamental SOA Security exam with flying colors. Their Exam Questions are regularly updated, and you can access them through your account at any time.

In order to pass the SOA S90.18A exam, it's important to have a clear understanding of all the course materials, syllabus, and objectives. Simply practicing the S90.18A course guide is not enough. You must also familiarize yourself with the challenging scenarios and questions that are asked in the actual S90.18A exam. To do this, visit killexams.com and get the free S90.18A PDF trial questions. If you're satisfied with the questions, you can then register to get the full version of S90.18A Real exam Questions, which is your best bet for success in the Fundamental SOA Security exam.

To make things easier, you can copy the S90.18A Premium Questions and Ans PDF onto any device, such as an iPad, iPhone, laptop, smart TV, or Android device, and read and memorize the S90.18A Exam Cram while on vacation or traveling. This can save you a lot of time and energy, giving you more time to review the S90.18A Latest Topics. Practice S90.18A Premium Questions and Ans with the VCE examination simulator until you achieve a perfect score of 100%. When you feel confident, go straight to the Exam Center for the real S90.18A exam.







S90.18A exam Format | S90.18A Course Contents | S90.18A Course Outline | S90.18A exam Syllabus | S90.18A exam Objectives


Exam: S90.18A Fundamental SOA Security

Exam Details:
- Number of Questions: The exam consists of approximately 40 multiple-choice questions.
- Time: Candidates are given 90 minutes to complete the exam.

Course Outline:
The S90.18A Fundamental SOA Security exam focuses on assessing professionals' fundamental knowledge and understanding of security considerations in Service-Oriented Architecture (SOA) environments. The course covers the following topics:

1. Introduction to SOA Security
- Overview of SOA and its security challenges
- Fundamentals of information security
- Security objectives in SOA environments
- Security governance and risk management

2. SOA Security Concepts and Principles
- Authentication and authorization in SOA
- Confidentiality and integrity of data in transit and at rest
- Non-repudiation and data integrity mechanisms
- Auditing, logging, and monitoring in SOA

3. SOA Security Technologies and Mechanisms
- Secure communication protocols and standards
- Web services security standards (WS-Security, SAML, etc.)
- Security token services and identity federation
- Secure coding practices and vulnerability management

4. Securing SOA Infrastructure and Services
- Security considerations for service-oriented infrastructure
- Securing service endpoints and message exchanges
- Handling security exceptions and error conditions
- Secure deployment and configuration of SOA components

Exam Objectives:
The exam aims to assess candidates' understanding and proficiency in the following areas:

1. Fundamental concepts and principles of SOA security.
2. Knowledge of security technologies and mechanisms in SOA environments.
3. Understanding of securing SOA infrastructure and services.
4. Familiarity with security governance and risk management in SOA.

Exam Syllabus:
The exam syllabus covers the following topics:

- Introduction to SOA Security
- Overview of SOA and its security challenges
- Fundamentals of information security
- Security objectives in SOA environments
- Security governance and risk management

- SOA Security Concepts and Principles
- Authentication and authorization in SOA
- Confidentiality and integrity of data in transit and at rest
- Non-repudiation and data integrity mechanisms
- Auditing, logging, and monitoring in SOA

- SOA Security Technologies and Mechanisms
- Secure communication protocols and standards
- Web services security standards (WS-Security, SAML, etc.)
- Security token services and identity federation
- Secure coding practices and vulnerability management

- Securing SOA Infrastructure and Services
- Security considerations for service-oriented infrastructure
- Securing service endpoints and message exchanges
- Handling security exceptions and error conditions
- Secure deployment and configuration of SOA components



Killexams Review | Reputation | Testimonials | Feedback


Such easy questions in the S90.18A exam! I was already well-prepared.
Thanks to killexams.com, I was able to pass my S90.18A exam with a score of 92%. The notes and Dumps provided were extremely helpful, and they made the entire process smooth and easy for me. By reviewing the course notes and practicing with the exam simulator, I was well-prepared for the exam. The trainer communication and presentation skills Topics were particularly well-done. I am grateful for killexams.com's excellent work.


Don’t spend a huge amount on S90.18A course books; try these questions instead.
Thanks to killexams.com, I had valid and accurate exam questions and answers. Even with only a basic understanding of the S90.18A exam and offerings, I passed the exam easily. Although I was initially burdened by the vast amount of information, going through the questions made things easier, and I had an incredible experience with Killexams.


Do you need practice tests for the S90.18A exam? This is the right place!
I enrolled in S90.18A and had thoroughly read all the chapters. However, the VCE exam provided by killexams.com was an excellent resource for practice. Thanks to their point practice test, I passed the exam with a 99% score, and even my doubts were clarified promptly. I wish to use their services in the future too. Great job, guys!


I located the correct source for actual S90.18A exam questions.
I am writing to express my gratitude as I easily passed the S90.18A exam with 96% using the test Dumps series created by killexams.com. The series offered not only a realistic simulation of the web exam, but also precise explanations for each question in simple language that was easy to understand. I am thrilled that I made the right decision to purchase the exam series from killexams.


Real S90.18A exam questions to pass the exam on the first attempt.
I used to be lazy and always looked for shortcuts and easy techniques. During my IT course on S90.18A, I found it very challenging and couldn't find any guidelines. That is when I heard about killexams.com, which is very famous in the market. The trial and exercise questions helped me prepare for the S90.18A exam, and I secured suitable marks. All thanks to killexams.com.


SOA Security exam contents

S90.18A Exam

User: Constance*****

I am proud to say that I passed my S90.18A exam within just 20 days of preparation, all thanks to the Killexams.com brain dump exam guide. The practice tests completely changed my life as I am now employed in a respectable corporation with an incredible income. Tough subjects were made easy, and I was provided with great references that were beneficial for the test purpose.
User: Abdallah*****

I downloaded real exam Dumps from Killexams.com to prepare for my S90.18A exam, and I feel blessed that I stumbled upon their website. The educators I encountered were fantastic, and they taught me how to pass the exam with ease. I am forever grateful to them.
User: Yelena*****

For busy professionals like us, having access to practice Dumps anytime, anywhere is invaluable. I am immensely grateful to Killexams.com for creating this incredible practice material, which proved to be very useful during the last few days leading up to the exam. With their revision practice tests, I secured 88% in the s90.18a Exam. My only suggestion to the team is to expand their offering by creating an Android app so that people like us can study on-the-go.
User: Syuzanna*****

Preparing for the s90.18a exam has been a daunting task with several confusing Topics to cover. However, Killexams.com provided me with the confidence I needed to pass the exam by taking me through core questions on the subject. My efforts paid off, and I passed the exam with an impressive 84%. Although a few questions were twisted, the answers from Killexams.com helped me mark the right ones.
User: Tolya*****

I did not want to burden my father for help during my s90.18a exam preparation, as seeking his assistance would have been like courting trouble.

S90.18A Exam

Question: Do you recommend me to use this amazing source laACTUAL EXAM QUESTIONS?
Answer: Killexams highly recommend these S90.18A questions to memorize before you go for the actual exam because this S90.18A examcollection contains an up-to-date and 100% valid S90.18A examcollection with a new syllabus.
Question: Do I need actual test questions of S90.18A exam to pass the exam?
Answer: Of course, You need actual test questions to pass the S90.18A exam. These S90.18A exam questions are taken from actual exam sources, that's why these S90.18A exam questions are sufficient to read and pass the exam. Although you can use other sources also for improvement of knowledge like textbooks and other aid material these S90.18A questions are sufficient to pass the exam.
Question: I want to talk to S90.18A exam expert, where should I contact?
Answer: You can send your query to support@killexams.com to contact their certification experts. You should expect a little longer to get a response because their team has to handle hundreds of queries in the queue. Write your query in detail with your username (if available).
Question: Did you attempt these updated dumps?
Answer: Killexams provide up-to-date actual S90.18A test questions that are taken from the S90.18A test prep. These questions' answers are Checked by experts before they are included in the S90.18A question bank.
Question: How do I search the exam that I need from killexams?
Answer: You can search from thousands of up-to-date and latest certification exams at killexams.com on its search page. Go to https://killexams.com/search and enter your exam code or name or number. You should keep your query as short as possible to see all the exams related to your interest.
SOA+Security+exam+contents
https://www.pass4surez.com/art/read.php?keyword=SOA+Security+exam+contents&lang=us&links=remove

Whilst it is very hard task to choose reliable exam Dumps resources regarding review, reputation and validity because people get ripoff due to choosing incorrect service. Killexams make it sure to provide its clients far better to their resources with respect to exam braindumps update and validity. Most of other peoples ripoff report complaint clients come to us for the brain dumps and pass their exams enjoyably and easily. They never compromise on their review, reputation and quality because killexams review, killexams reputation and killexams client self confidence is important to all of us. Specially they manage killexams.com review, killexams.com reputation, killexams.com ripoff report complaint, killexams.com trust, killexams.com validity, killexams.com report and killexams scam. If perhaps you see any bogus report posted by their competitor with the name killexams ripoff report complaint internet, killexams.com ripoff report, killexams.com scam, killexams.com complaint or something like this, just keep in mind that there are always bad people damaging reputation of good services due to their benefits. There are a large number of satisfied customers that pass their exams using killexams.com brain dumps, killexams PDF questions, killexams practice questions, killexams exam simulator. Visit their test questions and trial brain dumps, their exam simulator and you will definitely know that killexams.com is the best brain dumps site.

Which is the best practice tests website?
Of course, Killexams is practically legit along with fully trusted. There are several features that makes killexams.com legitimate and authentic. It provides up to par and practically valid exam questions that contain real exams questions and answers. Price is small as compared to the vast majority of services online. The Dumps are current on ordinary basis having most recent questions. Killexams account arrangement and item delivery is quite fast. Data downloading is definitely unlimited and incredibly fast. Assistance is avaiable via Livechat and E mail. These are the features that makes killexams.com a robust website that provide exam prep with real exams questions.



Is killexams.com test material dependable?
There are several Dumps provider in the market claiming that they provide actual exam Questions, Braindumps, Practice Tests, Study Guides, cheat sheet and many other names, but most of them are re-sellers that do not update their contents frequently. Killexams.com is best website of Year 2024 that understands the issue candidates face when they spend their time studying obsolete contents taken from free pdf get sites or reseller sites. Thats why killexams.com update exam Dumps with the same frequency as they are updated in Real Test. exam questions provided by killexams.com are Reliable, Up-to-date and validated by Certified Professionals. They maintain examcollection of valid Questions that is kept up-to-date by checking update on daily basis.

If you want to Pass your exam Fast with improvement in your knowledge about latest course contents and Topics of new syllabus, They recommend to get PDF exam Questions from killexams.com and get ready for actual exam. When you feel that you should register for Premium Version, Just choose visit killexams.com and register, you will receive your Username/Password in your Email within 5 to 10 minutes. All the future updates and changes in Dumps will be provided in your get Account. You can get Premium VCE exam files as many times as you want, There is no limit.

Killexams.com has provided VCE VCE exam Software to Practice your exam by Taking Test Frequently. It asks the Real exam Questions and Marks Your Progress. You can take test as many times as you want. There is no limit. It will make your test prep very fast and effective. When you start getting 100% Marks with complete Pool of Questions, you will be ready to take actual Test. Go register for Test in Exam Center and Enjoy your Success.




Firefighter Latest Questions | CCSA exam prep | CPP Free PDF | WOCNCB-CCCN past exams | ACA-CHSA test prep | MB-500 trial questions | CyberArk-EPM assessment test trial | 2V0-01-19 online exam | NBRC examcollection | C1000-146 online exam | SPHR exam Questions | Salesforce-Certified-B2C-Commerce-Developer test prep | CNS-CP training material | SD0-302 Dumps | C1000-107 pdf get | SDM-2002001030 pass exam | VCS-285 practice exam | H13-811_V3.0-ENU study guide | NBCOT-OTR exam questions | CBBF get |


S90.18A - Fundamental SOA Security information hunger
S90.18A - Fundamental SOA Security Practice Test
S90.18A - Fundamental SOA Security questions
S90.18A - Fundamental SOA Security practice tests
S90.18A - Fundamental SOA Security premium pdf
S90.18A - Fundamental SOA Security PDF Download
S90.18A - Fundamental SOA Security information hunger
S90.18A - Fundamental SOA Security exam contents
S90.18A - Fundamental SOA Security Study Guide
S90.18A - Fundamental SOA Security teaching
S90.18A - Fundamental SOA Security learn
S90.18A - Fundamental SOA Security exam syllabus
S90.18A - Fundamental SOA Security Practice Questions
S90.18A - Fundamental SOA Security outline
S90.18A - Fundamental SOA Security test prep
S90.18A - Fundamental SOA Security guide
S90.18A - Fundamental SOA Security exam success
S90.18A - Fundamental SOA Security tricks
S90.18A - Fundamental SOA Security test
S90.18A - Fundamental SOA Security teaching
S90.18A - Fundamental SOA Security Real exam Questions
S90.18A - Fundamental SOA Security exam cram
S90.18A - Fundamental SOA Security exam cram
S90.18A - Fundamental SOA Security course outline
S90.18A - Fundamental SOA Security Questions and Answers
S90.18A - Fundamental SOA Security exam Questions
S90.18A - Fundamental SOA Security Test Prep
S90.18A - Fundamental SOA Security exam Questions
S90.18A - Fundamental SOA Security Practice Test
S90.18A - Fundamental SOA Security syllabus
S90.18A - Fundamental SOA Security exam syllabus
S90.18A - Fundamental SOA Security exam questions
S90.18A - Fundamental SOA Security course outline
S90.18A - Fundamental SOA Security exam Questions
S90.18A - Fundamental SOA Security book
S90.18A - Fundamental SOA Security test
S90.18A - Fundamental SOA Security education
S90.18A - Fundamental SOA Security book
S90.18A - Fundamental SOA Security Real exam Questions
S90.18A - Fundamental SOA Security exam cram
S90.18A - Fundamental SOA Security Test Prep
S90.18A - Fundamental SOA Security exam help
S90.18A - Fundamental SOA Security Test Prep
S90.18A - Fundamental SOA Security exam Questions

Other SOA Practice Tests


S90.03A mock test | S90.02A test prep questions | S90.19A free pdf | S90.18A exam Cram | S90.05A exam Questions | S90.08A exam questions | C90-06A free prep | S90.20A test sample | S90.01A questions download | S90.04A practice questions | S90.09A free pdf download |


Best practice tests You Ever Experienced


AIP-210 Latest Questions | NEA-BC exam papers | BEC Study help | ABPANC-CPAN free exam papers | HPE6-A82 pdf exam | ACP-Sec1 practice test | CSLE free practice tests | IIA-CRMA questions and answers | 250-407 VCE | ICYB study questions | CLSSBB test prep questions | CBDE certification sample | VCS-325 pass exam | CMCN exam Questions | NSE7_OTS-7.2 download | H13-523 Question Bank | NAWCO-OMS free pdf | 301 Practice Questions | 2V0-33.22 question test | 920-552 free questions |





References :





Similar Websites :
Pass4sure Certification exam Practice Tests
Pass4Sure Certification Question Bank






Direct Download

S90.18A Reviews by Customers

Customer Reviews help to evaluate the exam performance in real test. Here all the reviews, reputation, success stories and ripoff reports provided.

S90.18A Reviews

100% Valid and Up to Date S90.18A Exam Questions

We hereby announce with the collaboration of world's leader in Certification Exam Dumps and Real Exam Questions with Practice Tests that, we offer Real Exam Questions of thousands of Certification Exams Free PDF with up to date VCE exam simulator Software.

Warum sind Cyberrisiken so schwer greifbar?

Als mehr oder weniger neuartiges Phänomen stellen Cyberrisiken Unternehmen und Versicherer vor besondere Herausforderungen. Nicht nur die neuen Schadenszenarien sind abstrakter oder noch nicht bekannt. Häufig sind immaterielle Werte durch Cyberrisiken in Gefahr. Diese wertvollen Vermögensgegenstände sind schwer bewertbar.

Obwohl die Gefahr durchaus wahrgenommen wird, unterschätzen viele Firmen ihr eigenes Risiko. Dies liegt unter anderem auch an den Veröffentlichungen zu Cyberrisiken. In der Presse finden sich unzählige Berichte von Cyberattacken auf namhafte und große Unternehmen. Den Weg in die Presse finden eben nur die spektakulären Fälle. Die dort genannten Schadenszenarien werden dann für das eigene Unternehmen als unrealistisch eingestuft. Die für die KMU nicht minder gefährlichen Cyber­attacken werden nur selten publiziert.

Aufgrund der fehlenden öffentlichen Meldungen von Sicherheitsvorfällen an Sicherheitsbehörden und wegen der fehlenden Presseberichte fällt es schwer, Fakten und Zahlen zur Risikolage zu erheben. Aber ohne diese Grundlage fällt es schwer, in entsprechende Sicherheitsmaßnahmen zu investieren.

Erklärungsleitfaden anhand eines Ursache-Wirkungs-Modells

Häufig nähert man sich dem Thema Cyberrisiko anlass- oder eventbezogen, also wenn sich neue Schaden­szenarien wie die weltweite WannaCry-Attacke entwickeln. Häufig wird auch akteursgebunden beleuchtet, wer Angreifer oder Opfer sein kann. Dadurch begrenzt man sich bei dem Thema häufig zu sehr nur auf die Cyberkriminalität. Um dem Thema Cyberrisiko jedoch gerecht zu werden, müssen auch weitere Ursachen hinzugezogen werden.

Mit einer Kategorisierung kann das Thema ganzheitlich und nachvollziehbar strukturiert werden. Ebenso hilft eine solche Kategorisierung dabei, eine Abgrenzung vorzunehmen, für welche Gefahren Versicherungsschutz über eine etwaige Cyberversicherung besteht und für welche nicht.

Die Ursachen sind dabei die Risiken, während finanzielle bzw. nicht finanzielle Verluste die Wirkungen sind. Cyberrisiken werden demnach in zwei Hauptursachen eingeteilt. Auf der einen Seite sind die nicht kriminellen Ursachen und auf der anderen Seite die kriminellen Ursachen zu nennen. Beide Ursachen können dabei in drei Untergruppen unterteilt werden.

Nicht kriminelle Ursachen

Höhere Gewalt

Häufig hat man bei dem Thema Cyberrisiko nur die kriminellen Ursachen vor Augen. Aber auch höhere Gewalt kann zu einem empfindlichen Datenverlust führen oder zumindest die Verfügbarkeit von Daten einschränken, indem Rechenzentren durch Naturkatastrophen wie beispielsweise Überschwemmungen oder Erdbeben zerstört werden. Ebenso sind Stromausfälle denkbar.

Menschliches Versagen/Fehlverhalten

Als Cyberrisiken sind auch unbeabsichtigtes und menschliches Fehlverhalten denkbar. Hierunter könnte das versehentliche Veröffentlichen von sensiblen Informationen fallen. Möglich sind eine falsche Adressierung, Wahl einer falschen Faxnummer oder das Hochladen sensibler Daten auf einen öffentlichen Bereich der Homepage.

Technisches Versagen

Auch Hardwaredefekte können zu einem herben Datenverlust führen. Neben einem Überhitzen von Rechnern sind Kurzschlüsse in Systemtechnik oder sogenannte Headcrashes von Festplatten denkbare Szenarien.

Kriminelle Ursachen

Hackerangriffe

Hackerangriffe oder Cyberattacken sind in der Regel die Szenarien, die die Presse dominieren. Häufig wird von spektakulären Datendiebstählen auf große Firmen oder von weltweiten Angriffen mit sogenannten Kryptotrojanern berichtet. Opfer kann am Ende aber jeder werden. Ziele, Methoden und auch das Interesse sind vielfältig. Neben dem finanziellen Interesse können Hackerangriffe auch zur Spionage oder Sabotage eingesetzt werden. Mögliche Hackermethoden sind unter anderem: Social Engineering, Trojaner, DoS-Attacken oder Viren.

Physischer Angriff

Die Zielsetzung eines physischen Angriffs ist ähnlich dem eines Hacker­angriffs. Dabei wird nicht auf die Tools eines Hackerangriffs zurückgegriffen, sondern durch das physische Eindringen in Unternehmensgebäude das Ziel erreicht. Häufig sind es Mitarbeiter, die vertrauliche Informationen stehlen, da sie bereits den notwendigen Zugang zu den Daten besitzen.

Erpressung

Obwohl die Erpressung aufgrund der eingesetzten Methoden auch als Hacker­angriff gewertet werden könnte, ergibt eine Differenzierung Sinn. Erpressungsfälle durch Kryptotrojaner sind eines der häufigsten Schadenszenarien für kleinere und mittelständische Unternehmen. Außerdem sind auch Erpressungsfälle denkbar, bei denen sensible Daten gestohlen wurden und ein Lösegeld gefordert wird, damit sie nicht veröffentlicht oder weiterverkauft werden.

Ihre Cyberversicherung sollte zumindet folgende Schäden abdecken:

Cyber-Kosten:

  • Soforthilfe und Forensik-Kosten (Kosten der Ursachenermittlung, Benachrichtigungskosten und Callcenter-Leistung)
  • Krisenkommunikation / PR-Maßnahmen
  • Systemverbesserungen nach einer Cyber-Attacke
  • Aufwendungen vor Eintritt des Versicherungsfalls

Cyber-Drittschäden (Haftpflicht):

  • Befriedigung oder Abwehr von Ansprüchen Dritter
  • Rechtswidrige elektronische Kommunikation
  • Ansprüche der E-Payment-Serviceprovider
  • Vertragsstrafe wegen der Verletzung von Geheimhaltungspflichten und Datenschutzvereinbarungen
  • Vertragliche Schadenersatzansprüche
  • Vertragliche Haftpflicht bei Datenverarbeitung durch Dritte
  • Rechtsverteidigungskosten

Cyber-Eigenschäden:

  • Betriebsunterbrechung
  • Betriebsunterbrechung durch Ausfall von Dienstleister (optional)
  • Mehrkosten
  • Wiederherstellung von Daten (auch Entfernen der Schadsoftware)
  • Cyber-Diebstahl: elektronischer Zahlungsverkehr, fehlerhafter Versand von Waren, Telefon-Mehrkosten/erhöhte Nutzungsentgelte
  • Cyber-Erpressung
  • Entschädigung mit Strafcharakter/Bußgeld
  • Ersatz-IT-Hardware
  • Cyber-Betrug