EbookBell.com

Most ebook files are in PDF format, so you can easily read them using various software such as Foxit Reader or directly on the Google Chrome browser.
Some ebook files are released by publishers in other formats such as .awz, .mobi, .epub, .fb2, etc. You may need to install specific software to read these formats on mobile/PC, such as Calibre.

Please read the tutorial at this link: https://ebookbell.com/faq

We offer FREE conversion to the popular formats you request; however, this may take some time. Therefore, right after payment, please email us, and we will try to provide the service as quickly as possible.

For some exceptional file formats or broken links (if any), please refrain from opening any disputes. Instead, email us first, and we will try to assist within a maximum of 6 hours.

EbookBell Team

4012 Defenseindepth And Attacks Secure Anchor Consulting

SKU: BELL-12084722

$ 31.00 ~~$ 45.00~~ (-31%)

0.0

0 reviews

4012 Defenseindepth And Attacks Secure Anchor Consulting instant download after payment.

Publisher: SANS Institute

File Extension: PDF

File size: 54 MB

Pages: 193

Author: Secure Anchor Consulting

Language: English

Year: 2017

Product desciption

4012 Defenseindepth And Attacks Secure Anchor Consulting by Secure Anchor Consulting instant download after payment.

SEC401.2: Defense-in-Depth
Overview
To secure an enterprise network, you must understand the general principles of network security. On Day 2, we look at the "big picture" threats to our systems and how to defend against them. We will learn that protections need to be layered leveraging a principle called defense-in-depth, and then explain the principles that will serve us well in protecting our systems.
The section starts with information assurance foundations. We look at security threats and how they have impacted confidentiality, integrity, and availability. The most commonly discussed aspect of defense-in-depth is predicated on access controls. As such, with a solid foundation on the aspects of information assurance in place, we move onto the aspects of identity and access management. Even though, for more than 30 years, passwords (the most commonly used form of authentication for access control) were to be deprecated and moved away from, we still struggle today with the compromises that result from credential theft. What we can do for modern authentication is the focus of our discussion on authentication and password security. Toward the end of the book we shift our focus to modern security controls that will work in the presence of the modern adversary. We do so by leveraging the Center for Internet Security (CIS) controls to help prioritize our risk reduction activities and gather metrics as we construct our security roadmap. While realizing that our networks are the foundation for both our (and the adversaries) activities, we might be naturally curious as to what else we can do from an overall environmental focus on how best to secure our data. This naturally leads to a discussion on Data Loss Prevention techniques. Last, but certainly not least, a discussion of defense-in-depth would not be complete without a discussion of, perhaps, the most important aspect of any security program - Security Plans and Risk Management. Cyber security is really just a different form of risk management. A modern-day defender will not be a capable defender without understanding the constitution of risk, how information security risk must tie back to organizational risk, and the methods used to appropriately address gaps in risk.