Table of contents
• Introduction
• Misconception
• Historical Practices
• Techniques
• Exercises
Security Components
01 NGFW: A more advanced firewall that provides not only traditional port and protocol filtering but also application-level inspection, intrusion prevention, and threat intelligence integration to detect and prevent modern threats.
02 IDS/IPS: Monitors network traffic for malicious activity, raising alerts (IDS) or taking automated preventive actions (IPS) to block potential attacks in real time.
03 VPN: Creates a secure, encrypted tunnel over the internet to ensure confidentiality and integrity when connecting remote users or networks.
04 WAF: Protects web applications by filtering and monitoring HTTP traffic between a web application and the internet, shielding them from common attacks such as cross-site scripting (XSS) and SQL injection.
05 EDR: Provides continuous monitoring and response to advanced threats on endpoints, including detection of malware, fileless attacks, and suspicious behavior that traditional antivirus solutions may miss.
06 NAC: Enforces security policies by controlling which devices can access the network based on predefined compliance checks, such as device posture, security updates, and user authentication.
07 IAM: Controls user access to systems and data by enforcing strict authentication and authorization processes, ensuring that only legitimate users can perform approved actions.
08 MFA: Enhances security by requiring users to provide two or more verification factors (e.g., password, fingerprint, one-time code) to gain access to systems or applications.
09 SIEM: Aggregates and analyzes security logs and events from various sources across the network, providing real-time threat detection, incident response, and reporting.
10 Encryption: Ensures confidentiality of data by encrypting communications between users and applications over the internet, preventing eavesdropping and tampering.
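The SIEM entry above describes aggregation and correlation of events from several sources. The following added example (not from the deck) shows what that correlation looks like in practice: it normalises constructed VPN gateway and EDR log lines into one schema, then raises an alert when a burst of failed logins for an account is followed by a success, and another when a successful login is followed shortly by a high-severity EDR alert for the same user. The log formats, field names, hosts, addresses and thresholds are all constructed for illustration.

```python
"""SIEM-style multi-source correlation over constructed log lines.

Added example, not code from the deck. Two sources are normalised into
a common event dict and two correlation rules run over the timeline.
All log formats, names, addresses and thresholds are constructed."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample: a VPN gateway auth log and an EDR agent feed,
# interleaved as a SIEM would receive them.
SAMPLE_LOGS = """\
2024-10-04T09:00:01Z vpn auth user=alice src=198.51.100.7 result=FAIL
2024-10-04T09:00:05Z vpn auth user=alice src=198.51.100.7 result=FAIL
2024-10-04T09:00:09Z vpn auth user=alice src=198.51.100.7 result=FAIL
2024-10-04T09:00:14Z vpn auth user=alice src=198.51.100.7 result=FAIL
2024-10-04T09:00:20Z vpn auth user=alice src=198.51.100.7 result=OK
2024-10-04T09:02:00Z edr host=LAPTOP-17 user=alice alert=credential_dumping severity=high
2024-10-04T09:30:00Z vpn auth user=carol src=203.0.113.9 result=FAIL
2024-10-04T09:31:00Z vpn auth user=carol src=203.0.113.9 result=OK
"""

KV = re.compile(r"(\w+)=(\S+)")


def parse(line: str) -> dict:
    """Normalise one line into {ts, source, key=value fields...}."""
    ts, source, rest = line.split(" ", 2)
    event = {"ts": datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), "source": source}
    event.update(KV.findall(rest))
    return event


def correlate(lines: str, fail_threshold: int = 3,
              window: timedelta = timedelta(minutes=5)) -> list[tuple]:
    """Run two correlation rules over the merged, time-ordered event stream.

    Rule 1: >= fail_threshold FAILs for a user within `window` before an OK.
    Rule 2: an OK login followed within 10 minutes by a high-severity EDR
            alert attributed to the same user.
    """
    events = sorted((parse(l) for l in lines.strip().splitlines()),
                    key=lambda e: e["ts"])
    alerts = []
    fails = defaultdict(list)   # user -> timestamps of recent failures
    successes = {}              # user -> timestamp of last successful login
    for ev in events:
        if ev["source"] == "vpn":
            user = ev["user"]
            if ev["result"] == "FAIL":
                fails[user].append(ev["ts"])
            elif ev["result"] == "OK":
                recent = [t for t in fails[user] if ev["ts"] - t <= window]
                if len(recent) >= fail_threshold:
                    alerts.append(("brute_force_then_success", user,
                                   ev["src"], len(recent)))
                fails[user].clear()
                successes[user] = ev["ts"]
        elif ev["source"] == "edr" and ev.get("severity") == "high":
            user = ev["user"]
            last_ok = successes.get(user)
            if last_ok is not None and ev["ts"] - last_ok <= timedelta(minutes=10):
                alerts.append(("post_login_edr_alert", user,
                               ev["host"], ev["alert"]))
    return alerts


if __name__ == "__main__":
    for alert in correlate(SAMPLE_LOGS):
        print(alert)
```

The value of the second rule is that neither source alone is conclusive: a successful VPN login is routine, and an isolated EDR alert might be a false positive, but the two together within minutes, tied to one account, is what a SIEM exists to surface.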
Defense-in-Depth Concept Overview
Defense-in-Depth is a security strategy that employs multiple layers of defense across different areas of the network. Each layer acts as an additional barrier to prevent attackers from reaching critical assets.
Comprehensive Defense-in-Depth Strategy
• Policies, Procedures, and Awareness: Security Policies, Data Classification, Employee Awareness Training
• Physical Security: Access Control Systems (keycard/biometric access), Security Cameras, Guards/Fences
• Perimeter Security: NGFW, VPN, WAF, IPS/IDS
• Internal Network Security: Firewall, IPS/IDS, Encryption, NAC
• Host Security: Patch Management, EDR
• Application Security: WAF, API Security, Authentication Mechanisms (MFA/SSO), Secure Software Development Practices
• Data Security: Data Encryption (AES, TLS), Data Loss Prevention (DLP), Role-Based Access Control (RBAC), Attribute-Based Access Control (ABAC)
Zero Trust Architecture: A Modern Security Framework
• Zero Trust is a security concept that assumes no entity (internal or external) is automatically trusted. Every access request is authenticated, authorized, and continuously verified. It focuses on minimizing risk through:
• Continuous verification.
• Least privilege access.
• Micro-segmentation of network and resources.
• Assuming breach: Every interaction is treated as potentially compromised, and security checks are performed at every access point.
Zero Trust for Business Mobility and Work-from-Home
• Zero Trust Network Access (ZTNA): Replaces VPNs by applying identity-based policies to control access.
• Identity and Access Management (IAM) with MFA: Uses robust IAM solutions to enforce identity verification and secure access.
• Endpoint Detection and Response (EDR): Continuous monitoring of endpoints ensures compliance before granting access.
Editor's Notes
#11 Let’s start with what Zero Trust is: it’s a security approach that never trusts anyone or anything automatically. Instead, it always checks users, devices, and requests before allowing access.
Why do we need Zero Trust? In today’s world, threats can come from anywhere, not just outside the network. So, Zero Trust doesn’t assume any user or device is safe.
The main principles are Continuous Verification, meaning you keep checking access every time; Least Privilege, which gives only the minimum access needed; and Micro-Segmentation, which divides the network into smaller pieces so that an attack can’t spread easily.
Here’s how it works: When someone tries to access resources, they authenticate with IAM and MFA. Next, the system checks the context, such as where they are and the time. Finally, it controls access, allowing users to see only what they need for their role. The main tools that help with this are IAM, ZTNA, and EDR.
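The Zero Trust principles on the architecture slide (continuous verification, least privilege, assume breach) and the access flow described in the notes for slide 11 (authenticate with IAM and MFA, check context such as location and time, then grant only what the role needs) can be shown as one policy decision function. The following is an added example, not the deck's own material or any vendor's product logic; the role names, resources, allowed countries, business hours and the shape of the request are all constructed assumptions.

```python
"""Zero Trust access decision (added example, not from the deck).

Each request is evaluated independently against four checks: identity
(IAM + MFA), device posture (EDR compliance), context (location, hour of
day) and least-privilege role permissions. Role names, resources,
countries and thresholds are constructed for illustration."""
from dataclasses import dataclass, replace


@dataclass
class AccessRequest:
    user: str
    role: str
    mfa_verified: bool       # outcome of the IAM/MFA authentication step
    device_compliant: bool   # posture as reported by the EDR agent
    country: str             # where the request originates
    local_hour: int          # hour of day (0-23) when the request is made
    resource: str
    action: str


# Least-privilege matrix (constructed): a role may only do what is listed.
ROLE_PERMISSIONS = {
    "analyst": {("tickets", "read"), ("tickets", "write")},
    "finance": {("payroll", "read")},
    "admin": {("tickets", "read"), ("tickets", "write"),
              ("payroll", "read"), ("payroll", "write")},
}
ALLOWED_COUNTRIES = {"DE", "FR", "US"}   # constructed location policy
SENSITIVE_RESOURCES = {"payroll"}        # reachable only in business hours
BUSINESS_HOURS = range(7, 20)            # 07:00-19:59, constructed


def evaluate(req: AccessRequest) -> tuple[bool, list[str]]:
    """Return (allowed, reasons). Nothing is trusted by default: every
    check must pass, and a denial lists every check that failed so the
    decision is auditable."""
    reasons = []
    # 1. Identity: the user must have completed MFA with the IAM system.
    if not req.mfa_verified:
        reasons.append("mfa_required")
    # 2. Device posture: a non-compliant endpoint is refused (assume breach).
    if not req.device_compliant:
        reasons.append("device_noncompliant")
    # 3. Context: location and time of day.
    if req.country not in ALLOWED_COUNTRIES:
        reasons.append("location_not_allowed")
    if req.resource in SENSITIVE_RESOURCES and req.local_hour not in BUSINESS_HOURS:
        reasons.append("outside_business_hours")
    # 4. Least privilege: the role must explicitly grant (resource, action).
    if (req.resource, req.action) not in ROLE_PERMISSIONS.get(req.role, set()):
        reasons.append("not_permitted_for_role")
    return (not reasons, reasons)


def evaluate_session(requests: list[AccessRequest]) -> list[bool]:
    """Continuous verification: every request in a session is re-checked.
    A session is never trusted merely because an earlier request passed."""
    return [evaluate(r)[0] for r in requests]


if __name__ == "__main__":
    first = AccessRequest("alice", "analyst", True, True, "DE", 10,
                          "tickets", "write")
    # Same session, but the EDR agent later reports the laptop non-compliant.
    later = replace(first, device_compliant=False)
    for r, ok in zip([first, later], evaluate_session([first, later])):
        print(r.user, r.resource, "ALLOW" if ok else "DENY", evaluate(r)[1])
```

The session example is the part that distinguishes Zero Trust from a perimeter model: the second request is identical to the first except for device posture, and it is denied because the check runs on every access rather than once at login.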