Ch. 2.2
What are the 7 layers in layered security?
1) policies, procedures, and awareness 2) physical 3) perimeter 4) network 5) host 6) application 7) data
What is a countermeasure?
A way to mitigate a potential risk. It reduces the risk of a threat agent being able to exploit a vulnerability.
What is layered security?
a security approach that combines multiple security controls and defenses to create a cumulative effect
layered security model
a security approach that defines seven layers of security
includes authentication and authorization, user management, and group policies
application
includes cryptography and secure transmissions
data
includes OS hardening, patch management, malware, and password attacks
host
includes each individual workstation, laptop, and mobile device
host
application
includes authentication and authorization, user management, group policies, and web application security
host
includes each individual workstation, laptop, and mobile device. This layer includes log management, OS hardening, patch management and implementation, auditing, malware, and password attacks
physical
includes fences, door locks, mantraps, turnstiles, device locks, server cages, cameras, motion detectors, and environmental controls
perimeter
includes firewalls using ACLs and securing the wireless network
data
includes storing data properly, destroying data, classifying data, cryptography, and data transmission security
network
includes the installation and configuration of switches and routers, implementation of VLANs, penetration testing, and virtualization use
policies, procedures, and awareness
includes user education, manageable network plans, and employee onboarding and off-boarding procedures
which of the following is a security approach that combines multiple security controls and defenses and is sometimes called defense in depth?
layered security
includes implementation of VLANs, penetration testing, and the utilization of virtualization
network
includes firewalls using ACLs and securing the wireless network
perimeter
includes cameras, motion detectors, and even environmental controls
physical
includes fences, door locks, mantraps, turnstiles, device locks, and server cages
physical
includes how to manage employee onboarding and off-boarding
policies, procedures, and awareness
includes user education and manageable network plans
policies, procedures, and awareness
How can countermeasures reduce the risk of a threat agent being able to exploit a vulnerability?
provides a security solution to an identified problem, is not dependent on secrecy, is testable and verifiable, provides uniform or consistent protection for all assets and users, is independent of other safeguards, requires minimal human intervention, is tamper-proof, has overrides and fail-safe defaults
Employees are the single greatest threat to network security. Therefore, user education is very important. Look for ways to take the following actions:
train employees so that they know that employees are the primary targets in most attacks; ensure employees understand that phishing attacks are one of the most common attacks directed at employees; ensure that employees can identify email, instant messaging, download, and website attacks; enforce effective password policies, including a policy that prohibits writing down passwords; train employees to identify both internal and external threats; ensure that employees are aware of the company's security policies