Download to read offline
More Related Content
Similar to Security Architecture, Security+ Domain 3.pdf
Security Architecture, Security+ Domain 3.pdf
- 1.
- 2. Architecture and Infrastructure Concepts Considerations Availability: Systemuptime and accessibility Patch Availability: Access to updates Resilience: Withstanding disruptions Risk Transference: Shifting risks to third parties Cost: Financial expenditure Ease of Deployment: Simple system launch Responsiveness: Reaction time Scalability: Growth with demand 3.1: SECURITY IMPLICATIONS OF DIFFERENT ARCHITECTURE MODELS SECURITY + DOMAIN 3 Cloud: On-demand remote computing resources Infrastructure as Code (IaC): Automated infrastructure provisioning Serverless: Function-based cloud services Microservices: Modular, deployable services Network Infrastructure: Hardware and software network components www.infosectrain.com
- 3. www.infosectrain.com SECURITY + DOMAIN 3 3.2: SECURITY PRINCIPLESTO SECURE ENTERPRISE INFRASTRUCTURE Infrastructure Considerations Network Appliances Firewall Types Secure Communication/ Access Security Zones: Defined security segments Attack Surface: Potential vulnerabilities Failure Modes: System failure types Device Attribute: Active and passive attributes Virtual Private Network (VPN): Encrypted network access Remote Access: Distant system entry Tunneling: Secure data passage Secure Access Service Edge (SASE): Unified security framework Proxy Server: Traffic intermediary IPS/IDS: Threat monitoring systems Load Balancer: Traffic distribution Sensor: Monitoring device Port Security: Control access via ports Web Application Firewall (WAF): Web traffic protection Next-Generation Firewall (NGFW): Advanced security firewall
- 4. www.infosectrain.com SECURITY + DOMAIN 3 Data Types Data Classifications 3.3 DATAPROTECTION CONCEPTS AND STRATEGIES Regulated Data: Legally controlled information Human and Non-Human-Readable Data: Text and binary formats Trade Secret: Proprietary business information Financial Information: Banking and monetary records Intellectual Property: Copyrighted or patented content Legal Information: Attorney-client privileged data Sensitive Data: Requires special protection Critical Data: Essential for operations Confidential Data: Restricted to certain individuals Private Data: Personal or sensitive information Public Data: Openly accessible information Restricted Data: Limited access information
- 5. www.infosectrain.com SECURITY + DOMAIN 3 3.3 DATA PROTECTIONCONCEPTS AND STRATEGIES General Data Considerations Methods to Secure Data Geographic Restrictions: Location-based data access Permission Restrictions: Access control limits Encryption: Secure data encoding Segmentation: Isolating data sections Hashing: Data integrity verification Obfuscation: Making data unintelligible Masking: Concealing sensitive information Tokenization: Replacing data with tokens Data States: In use, transit, storage Data Sovereignty: Jurisdictional data control Geolocation: Data location specifics
- 6. www.infosectrain.com 3.4: RESILIENCE ANDRECOVERY IN SECURITY ARCHITECTURE SECURITY + DOMAIN 3 High Availability Backups Platform Diversity: Multiple technology platforms used Testing Multi-Cloud Systems: Utilizing multiple cloud providers Continuity of Operations: Ensuring ongoing business functionality Load Balancing: Distributing traffic among servers Clustering: Grouping servers for redundancy Tabletop Exercise: Discussion-based emergency scenarios Failover: Automatic switching to backup system Simulation: Realistic, practice disaster scenarios Parallel Processing: Simultaneous system operation testing Onsite/Offsite: Local and remote backup storage Frequency: Regular backup intervals Recovery: Restoring from backup data Replication: Real-time data duplication Journaling: Logging changes for recovery
- 7. To Get MoreInsights Through Our FREE FOUND THIS USEFUL? Courses | Workshops | eBooks | Checklists | Mock Tests LIKE FOLLOW SHARE