TestOut Chapter 2: Security Basics: 2.2 Defense Planning

¡Supera tus tareas y exámenes ahora con Quizwiz!

What are the seven layers in layered security?

1. Policies, Procedures, and Awareness 2. Physical 3. Perimeter 4. Network 5. Host 6. Application 7. Data

What is a countermeasure?

A counter measure is a way to mitigate a potential risk.

How can countermeasures reduce the risk of a threat agent being able to exploit a vulnerability?

A countermeasure reduces the risk of a threat agent exploting a vulnerability by: -Providing a security solution to an identified problem. - Is not dependent on secrecy -Is testable and verifiable -Provides uniform or consistent protection for all assets and users. -Is independent of other safeguards. -Requires minimal human intervention -Is tamper-proof -Has overrides and fail safe defaults

Layered Security

A security approach that combines multiple security controls and defenses to create a cumulative effect.

Layered Security Model

A security approach that defines seven layers of security.

Application

Includes authentication and authorization, user management, group policies, and web application security.

Host

Includes each individual workstation, laptop, and mobile device. The Host layer includes log management, OS hardening, patch management and implementation, auditing, malware, and password attacks.

Physical

Includes fences, door locks, mantraps, turnstiles, device locks, server cages, cameras, motion detectors, and environmental controls.

Perimeter

Includes firewalls using ACLs and securing the wireless network.

Data

Includes storing data properly, destroying data, classifying data, cryptography, and data transmission security.

Network

Includes the installation and configuration of switches and routers, implementation of VLANs, penetration testing, and virtualization use.

Policies, Procedures, and Awareness

Includes user education, manageable network plans, and employee onboarding and off-boarding procedures.

What is Layered Security?

Layered security is a security approach that combines multiple security controls and defenses to create a cumulative effect.


Conjuntos de estudio relacionados

Spanish 2, ¿Qué? and ¿cuál?, Lesson 9.3

View Set

para practicar su pronunciación de "r" y "rr" en español

View Set

A Beka 4th Grade History Quiz 27

View Set

Environmental Science Chapter 13

View Set