2.1 Defense In Depth Flashcards
The principle that system protections need to be layered and deployed across a wide range of controls. It involves the CIA triad and risk assessment.
Defense in depth
These three things comprise the CIA triad
Confidentiality, integrity, availability
What is the “secure by design” concept?
The concept that security of the application is not an afterthought but a prerequisite for each building block of the solution.
This is considered the foundation of defense in depth
Filtering
These are four examples of network filtering
Firewalls, anti-DDoS, proxy servers, mail relays
These are two examples of host filtering
Anti-malware, application control
A way of filtering that will allow only approved applications to run
Application control
Intermediate systems that handle requests to resources on behalf of other systems. They also tend to perform some kind of content filtering.
Proxy servers
The four approaches to defense in depth
Uniform protection, protected enclaves, information centric, threat vector analysis
This DiD approach involves segmenting your network, using VLANs and filtering traffic between sections of the network.
Protected enclaves
Also known as port isolation, this is a technique in computer networking where a VLAN contains switch ports that are restricted so that they can only communicate with a given uplink.
Private VLAN
DiD approach where your organization uses multiple layers to access confidential information.
Information centric
DiD approach where we prevent a threat from “crossing the bridge” or using a vector, such as by disabling USB drives.
Vector oriented
This model is a complement to DiD. Every request, regardless of whether it comes from inside or outside the network, must be authenticated and authorized.
Zero trust model
Enables you to dynamically change access based upon conditions and points that are accumulated.
Zero trust, variable trust