2 hours 5 minutes

Video Description

We continue Cybrary's CISSP course with an examination of Security Architecture and Design. It's broken into 4 subsections plus a content & exam review, and nicely details enterprise, network, and platform architectures, and other essential components. You'll learn what a Security Architecture is, what elements comprise its design focus, and we'll look at protection mechanisms and the role the security kernel plays. You'll also learn about security models such as Clark-Wilson, evaluate criteria such as the Orange Book and how it is used, and we'll wrap up with cloud computing and the types of security challenges the virtual world brings with it. We begin with a discussion of the goals of any information system security system, what's required to support those goals, and how those decisions determine the tradeoffs made in balancing business need against securing the business's information and assets.

Video Transcription

Chapter six is going to cover the topics with security architecture and design. And the elements we're gonna cover: we're, first of all, going to talk about what makes up the system architecture and those basic elements of a system. We'll talk about some protection mechanisms and how systems protect themselves, and the security model, a security kernel and reference monitor, two elements built into the kernel of an operating system for just that purpose.
We'll talk about some security models, and if you've done any study ahead of time and you've come across the Bell-LaPadula security model or Clark-Wilson, Brewer-Nash, that's where we talk about these ideas. We go into the evaluation criteria like the Orange Book and Common Criteria that we use today.
And then, um, we'll wrap up the chapter with a quick discussion on cloud computing.
All right, so moving forward when we talk about an information systems architecture.
So obviously our first and primary goal is gonna be to make sure that we design a system such that the goals of the business will be supported by that system. So we look at that CIA triad, confidentiality and integrity and availability, and those are first and foremost concerns about how we design that system.
Build security into the design, meaning we don't design for function and then figure out how to secure later, like we've done traditionally. But we design a secure system. And if the system is not secure, then it doesn't work, and that's a totally different approach to what we've used traditionally.
All right, so first thing we've got to start with is figuring out what the requirements
taking a look at the degree. You know, again, the same ideas as risk management: start with the assets. What am I protecting and what's its value? What sort of mitigating strategies can I put in place to reduce the threats and vulnerabilities? Looking always for that cost-benefit analysis.
Keeping in mind cost is not always money, but there is always a trade-off for security, whether that comes from performance, ease of use, backwards compatibility, whatever that might be. So cost-benefit analysis is going to drive us to the type of system we're gonna want to define.
We're gonna look at the various security models that are out there, again, like a Bell-LaPadula or Biba, Clark-Wilson; that'll give us direction on how to implement security.
And then the system architecture really is kind of what carries out the security of the models. These are the elements that we build into the design and the architecture. It comes from hardware, software, and firmware, so all those elements of the system, and ultimately we want to make sure system architecture supports the security needs of the system.
All right, now you talk about different types of architecture because "system" is a very, very broad term. You know, you can kind of talk about that enterprise as a whole. So, ah, how all of these elements come together and are integrated, not just the, you know, IT systems, but also business processes.
Network architecture, of course, supports the interoperability of these devices and how they go about sharing information in a secure manner.
Certain platforms like operating systems, storage devices and, uh, you know, more isolated security mechanisms or systems. And then we look at what type of protection each of these provide and what sort of security models they're based on.

Up Next

Enterprise Security Architecture

A framework for applying a comprehensive method of describing the current and future structure for an organization's security processes so that they align with the company's overall strategic direction.

Instructed By

Kelly Handerhan
Senior Instructor