Question

What is this defense in depth approach to security? What are attributes of defense in depth? Provide examples of it

Answer 1

Defense in Depth Aprroach is also known as Catle Approach. It is an information assurance concept in which mutiple lvels of security controls are placed throughout an Information Technology System. Its purpose is to provide redundancy in the event a security control fails or a vulnerability is exploited that can cover aspects of personnel, procedural, technical and physical security for the duration of the system's life cycle.

Defense in depth can be divided into three areas: Physical, Technical, and Administrative

Physical controls are anything that physically limits or prevents access to IT systems. Fences, guards, dogs, and CCTV systems and the like.

Technical controls are hardware or software whose purpose is to protect systems and resources. Examples of technical controls would be disk encryption, fingerprint readers, and authentication. Hardware technical controls differ from physical controls in that they prevent access to the contents of a system, but not the physical systems themselves.

Administrative controls are an organization's policies and procedures. Their purpose is to ensure that there is proper guidance available in regards to security and that regulations are met. They include things such as hiring practices, data handling procedures, and security requirements.

• Proxy server
• Antivirus software
• Authentication and password security
• Biometrics
• Demilitarized zones (DMZ)
• Data-centric security
• Encryption
• Multi-factor authentication
• Firewalls (hardware or software)
• Hashing passwords
• Intrusion detection systems (IDS)
• Logging and auditing
• Vulnerability scanners
• Physical security (e.g. deadbolt locks)
• Timed access control
• Internet Security Awareness Training
• Virtual private network (VPN)
• Intrusion Protection System (IPS)
• Sandboxing

Three key attributes of secure networking are :

Access control - knowing who is on the network (authentication), what resources they are authorized to use, and applying these access controls to their traffic

Integrity - guaranteeing that the network itself is available as a business critical resource and that threats can be identified and mitigated.

Privacy - ensuring that traffic on the network is not accessible to unauthorized users.