4 hours 25 minutes
Welcome to module two. In module two, we're gonna talk about defense in depth. And what we mean by that is we don't ever wanna have one single control that is protecting important data. We wanna have a depth of control. We wanna have many different layers of control.
You know, if the attacker gets through one thing, we want there to be something else to stop them. If they get through that, maybe something else. Maybe we have a chance of stopping the attacker at each milestone along the way. But we also have a chance of identifying an attack along the way, too, if we put more than one control. You never want to have a single point of failure.
We said in the beginning of module one that infrastructure security is a very large and complex thing. And that stands true.
And for that reason, no one can ever fully protect everything out there. We can't ever say that everything in our environment is 100% protected all the time. I mean, at the end of the day, we have to allow access to our environment in order to do business, in order to communicate with the outside world. We have to have some holes opened up. You know, the most secure environment in the world is a system that is shut off and buried in a lead box 100 feet underground, encased in concrete. But it's not very available. And vice versa: the most available system in the world is one that's just open to the Internet, doesn't have any firewall and no controls on it. But it's not very secure.
So infrastructure security is about finding that balance between availability and security. It's about putting the right components in place based on your resources and your budget and everything and the things that you're trying to protect.
The first concept we want to talk about when we talk about defense in depth is the concept of layers of defense. Again, this is a conceptual way to think about things.
But when we think about defense, it's sometimes helpful if we think about it in layers, and we can think about components at each one of those layers and how to put those together into an effective security strategy.
The very first layer to visualize is the perimeter, and the perimeter is simply where our internal environment comes into contact with the untrusted external environment, where trusted things come into contact with untrusted. This could be between our environment and the Internet. It could be between our company and another company if we have a B2B connection. Anywhere where a trusted entity meets an untrusted entity, that's the perimeter.
The network layer is the routers and switches in the network that ties all of that together that connects us with the outside world. It's also the layer that connects our internal components to each other. So just conceptualize that whole thing as the network layer.
And then on the network we have endpoints, and endpoints are just those compute devices. Those are the servers and databases and laptops and badge readers and printers and all of those things connected to the network. Those are the endpoints, and on those endpoints we have applications.
So we've got operating systems and, you know, SQL databases and Oracle databases and web applications and all these different applications. All of these software components that run on the endpoint, those make up the application layer.
And then finally we have the data, and at the end of the day, that data is what we're trying to protect. This is the actual bits and bytes, the actual ones and twos, data that we're trying to protect from would-be attackers.
So as we go through module two, we're gonna cover each one of these layers. We have a section on each one of these layers. We're gonna talk about the different components in each one of these layers. But always keep in the back of your mind this visualization of the layers of defense. As we talk about components at each one, you don't necessarily need to put every component in place to have a comprehensive security posture. But you need to understand how a component at one layer is gonna interact with a component at another layer and provide you overall security to that data that you're trying to protect.
All right, next up, we're gonna go into lesson 2.2. We're gonna talk about our first layer, which is the perimeter.