Video Description

This lesson will cover the security principle: separation of trust using the Clark-Wilson Security Model: "keep users out of your stuff, or they'll break it." She will detail examples of various interfaces used to do that. Instructor Kelly Handerhan will also detail the different ways technology is used to keep untrusted networks separate from trusted networks.

  • Firewalls: allow/block traffic based on rules called ACLs (access control lists).
  • Static Packet Filters: base decisions on source/destination IP address and port.
  • Stateful Inspection: Knowledge of who initiated the session. It can block unsolicited replies.
  • Protocol Anomaly firewalls: can block traffic based on syntax being different than the RFC would specify.
  • Application Proxies/Kernel Proxies: make decisions on content, active directory integration, certificates, and time.

Course Modules