Defense In-Depth
FORESEC Academy
Security Essentials (II): Defense In-Depth
Defense in-Depth Agenda
- Defense in-Depth
- Basic Security Policy
- Access Control and Password Management
- Incident Handling Foundations
- Information Warfare
- Web Communications and Security
Defense in-Depth
We have covered: networking, IP, IP behaviour, basic traffic analysis, routing, host perimeter defense.
Now we add security policy, password strength and assessment, incident handling, information warfare and web security.
Defense in-Depth (2)
Three Bedrock Principles
- Confidentiality
- Integrity
- Availability
Identity, Authentication & Authorization
Don't Authentication and Identity mean the same thing?
If we have Authentication and Identity, then do we need Authorization?
Authentication
Based on:
- Something you know: password, PIN
- Something you have: photo ID or security token
- Something you are: biometrics
Security Token
Combined with a PIN, this is two-factor authentication: something you have and something you know.
Biometric authentication
- Iris scanners
- Retinal scanners
- Hand geometry substantiators
- Finger scanners, and many others as well, even facial scanners
Biometric authentication
Despite its rising popularity, biometric authentication is not without its downsides. Once compromised, unlike passwords or tokens, biometric parameters cannot be changed. Furthermore, some aspects of the body can be simulated for detectors, as seen in many spy movies.
Data Classification
We classify data with differing levels of sensitivity.
Why do we put labels on our data?
You can't protect it all, so some data requires more protection than others.
A quick listing of the DoD and federal levels
- Top Secret - The highest levels of protection are given to this data; it is critical to protect.
- Secret - This data is important, and its release could harm national security.
- Confidential - This is important, and it could be detrimental to national security if released.
- Sensitive But Unclassified (SBU) - This generally is information that is sensitive and should not be released (like SSNs).
- Unclassified - They prefer to keep it from being released, but the nation would not be harmed if it were.
Threats
Activity that represents possible danger.
Can come in different forms and from different sources.
There are physical threats, like fires, floods, terrorist activities, and random acts of violence.
And there are electronic threats, like hackers, vandals, and viruses.
Threats
You can't protect against all threats.
Protect against the ones that are most likely or most worrisome based on:
- Business goals
- Validated data
- Industry best practice
Vulnerabilities
Weaknesses that allow threats to happen.
Must be coupled with a threat to have an impact.
Can be prevented (if you know about them).
Relating Risk, Threat and Vulnerability
Risk = Threat x Vulnerability
The Threat Model
Threat -> Vulnerability -> Compromise
Vulnerabilities are the gateways by which threats are manifested.
Five Lessons from History
- Morris worm - Availability - 1988
- Melissa - Availability - 1999
- W32.SirCam worm - Confidentiality - 2001
- Code Red II - Integrity - 2001
- Blaster worm - Availability and Integrity - 2003