TestOut Chapter 2: Security Basics: 2.2 Defense Planning
What are the seven layers in layered security?
1. Policies, Procedures, and Awareness 2. Physical 3. Perimeter 4. Network 5. Host 6. Application 7. Data
What is a countermeasure?
A counter measure is a way to mitigate a potential risk.
How can countermeasures reduce the risk of a threat agent being able to exploit a vulnerability?
A countermeasure reduces the risk of a threat agent exploting a vulnerability by: -Providing a security solution to an identified problem. - Is not dependent on secrecy -Is testable and verifiable -Provides uniform or consistent protection for all assets and users. -Is independent of other safeguards. -Requires minimal human intervention -Is tamper-proof -Has overrides and fail safe defaults
Layered Security
A security approach that combines multiple security controls and defenses to create a cumulative effect.
Layered Security Model
A security approach that defines seven layers of security.
Application
Includes authentication and authorization, user management, group policies, and web application security.
Host
Includes each individual workstation, laptop, and mobile device. The Host layer includes log management, OS hardening, patch management and implementation, auditing, malware, and password attacks.
Physical
Includes fences, door locks, mantraps, turnstiles, device locks, server cages, cameras, motion detectors, and environmental controls.
Perimeter
Includes firewalls using ACLs and securing the wireless network.
Data
Includes storing data properly, destroying data, classifying data, cryptography, and data transmission security.
Network
Includes the installation and configuration of switches and routers, implementation of VLANs, penetration testing, and virtualization use.
Policies, Procedures, and Awareness
Includes user education, manageable network plans, and employee onboarding and off-boarding procedures.
What is Layered Security?
Layered security is a security approach that combines multiple security controls and defenses to create a cumulative effect.