ALL >> Computers >> View Article
Lesson 2: Creating The Security Design Framework
A security design framework is a structure on which all future security designs can be built. As a security designer, you should create a base security design framework on which your security designs can be built or you (or your design team) might end up with incomplete assessments in a IT Exams(http://www.buyitexam.com), lack of follow-through, and an incomplete picture of the changing security landscape.
After this lesson, you will be able to ,
Describe the components of a security design framework.
Describe the process for creating a security design framework.
Identify the principles of information security design.
Explain the purpose of threat modeling.
Perform threat modeling.
Design a process for responding to incidents.
Design the use of segmented networks.
Design a process for recovering services.
A perimeter network, also known as a DMZ because of its resemblance to a demilitarized zone agreed upon between hostile nations, defines a network that is neither part of the organization's internal network ...
... nor part of the external network, but is under the control of the organization.
Wingtiptoys.com uses the classic perimeter network, "which is flanked by two firewalls, as shown in Figure 1-6. Another possible design is the three-pronged network. A firewall with three network interfaces is part of the Tailspintoys.com network (shown in Figure 1-7) and is used to provide a connection to the external network, the internal network, and the 70-297 Exam(http://www.mcse-70-297.com). In either case, systems that need to communicate with the external network are placed on the perimeter network. This configuration provides another layer of protection for the internal network, as an attacker must first penetrate the perimeter network. In the pure, classic design, no access to the internal network is allowed from the perimeter network or external network. The inner firewall allows only access from the internal network to the perimeter network, and the outer firewall allows limited access in both directions.
Guidelines for Using Internal Segments To Improve Network Security Design
Traditionally, few internal networks are segmented for security reasons. The internal network has often, in the past, been described as the "trusted" network, and thus communications were not restricted within its boundaries. Today there is a growing realization that even internal networks are "hostile" networks, and one way to offer protection and free Microsoft question papers(www.examshots.com/vendor/Microsoft-1.html) to sensitive data and operations is to use traditional security gateways to internally segment the network. In this way, access to sensitive data and operations can be restricted to those trusted with it, and exposure of information is curtailed. Figure 1-8 shows a proposed internal network segmentation for Tailspintoys.com.
In either case, systems that need to communicate with the external network are placed on the perimeter network. This configuration provides another layer of protection for the internal network, as an attacker must first penetrate the perimeter network. In the pure, classic design, no access to the internal network is allowed from the perimeter network or external network. The inner firewall allows only access from the internal network to the perimeter network, and the outer firewall allows limited access in both directions.
Add Comment
Computers Articles
1. Few Good Insights To Follow With Pc Gaming In Australia!Author: Jack Williams
2. Transform Your Online Store With Australia's Leading Ecommerce Developers
Author: themerchantbuddy
3. How To Choose The Right Technology For Your mobile App?
Author: goodcoders
4. The Rise Of User Centered Web Design
Author: goodcoders
5. Reasons Why Laravel Perfect For Web Development?
Author: goodcoders
6. Ssd Vs Sas Vs Sata Drives: Which Is Better For Your Dedicated Server Hardware?
Author: The CyberTech
7. Raid Servers And Data Protection: Common Myths About Raid Servers
Author: The CyberTech
8. Top 8 Do's And Don’ts When Dealing With A Corrupted Sd Card
Author: The CyberTech
9. Nvme Vs Ssd: What To Choose For Your Storage Solutions?
Author: The CyberTech
10. 8 Common Data Recovery Myths Exposed!
Author: The CyberTech
11. Understanding Ssd Lifespan: Signs, Durability, Data Recovery, And Factors Affecting The Life Of An Ssd
Author: The CyberTech
12. Server Data Recovery Solutions: When Your Raid Server Is Crashed!
Author: The CyberTech
13. Data Recovery Solutions For Undetected Ssd On Bios
Author: The CyberTech
14. Problems Faced By Mobile Phone Users: Green Line Issue, Motherboard Failure, Phone Stuck On Logo And Mobile Data Recovery Possibilities
Author: The CyberTech
15. Ssd Vs Hdd: Weaknesses, Data Recovery Factors And Failure Rates
Author: The CyberTech