defense in depth

4 Terms

1

defense in depth (DiD)

  • uses several defensive security controls to protect the data, applications, and network

  • a layer of defense

  • applies security at all levels within the network

    • data and applications

    • host

    • network

    • physical environment

  • is designed to slow down the attack; uses the military approach

  • works in a way that if one security control fails, the next one would take over

  • uses administrative, physical, and technical controls

2

how it gets implemented

  • outermost layer: policies and procedures (audits, etc.)

  • next layer: physical security (cameras, fences, bollards)

  • network security (firewall, IPS, IDS, sandboxing, alerts)

  • host security (patching, antivirus updates, access controls on data)

  • innermost layer: data and application security (encryption)

3

due care

a security risk management concept that involves taking reasonable steps to protect an organization’s information assets from identified risks and vulnerabilities. Also known as ordinary care or reasonable care.

4

Defense in Depth: another definition

  • aka layered defense

  • using the least privilege and DiD principles is a function of “due care”

  • should be systematically planned and designed with an outward-in or inward-out approach

  • can be applied to physical security or technical controls

  • can technically be deployed physically or virtually

    • can be a single appliance with multiple integrated engines