3. Security Architecture

3.1 Compare and contrast security implications of different architecture models.

Architecture and Infrastructure Concepts:

  • Cloud:
    • Responsibility Matrix: Defines the division of responsibilities between the cloud service provider and the customer regarding security, compliance, and management of resources.
    • Hybrid Considerations: Strategies and challenges involved in integrating on-premises infrastructure with cloud services.
    • Third-party Vendors: Incorporating services and solutions from external providers into cloud architectures.
  • Infrastructure as Code (IaC): Automating the provisioning and management of infrastructure using code and configuration files.
    • Serverless: Architectural approach where cloud providers manage the infrastructure, allowing developers to focus solely on writing and deploying code.
    • Microservices: Architectural style where applications are composed of small, independently deployable services, promoting modularity and scalability.

Network Infrastructure:

  • Physical Isolation: Creating network segments physically separated from other parts, often for security or regulatory compliance reasons (e.g., air-gapped networks).
  • Logical Segmentation: Dividing networks into logical segments using techniques such as VLANs or software-defined networking (SDN).
  • Software-defined Networking (SDN): Managing network infrastructure programmatically through software, abstracting the underlying hardware.
  • On-premises: Infrastructure and services hosted within an organization’s physical facilities rather than in the cloud.
  • Centralized vs. Decentralized: Contrasting approaches to organizing infrastructure management and decision-making authority.
  • Containerization: Encapsulating applications and their dependencies into lightweight, portable containers for deployment across different environments.
  • Virtualization: Creating virtual instances of servers, operating systems, storage, or networks to maximize resource utilization and flexibility.
  • IoT (Internet of Things): Network of interconnected devices that communicate and exchange data, often involving sensors, actuators, and embedded systems.
  • Industrial Control Systems (ICS) / Supervisory Control and Data Acquisition (SCADA): Systems used to monitor and control industrial processes and critical infrastructure.
  • Real-time Operating System (RTOS): Operating system optimized for handling real-time processing requirements, often used in embedded systems and IoT devices.
  • Embedded Systems: Computing devices with specialized functions and limited resources, embedded within larger systems or products.
  • High Availability: Design principle aiming to minimize downtime and ensure continuous operation of critical systems and services.

Considerations:

  • Availability: Ensuring systems and services are accessible and operational when needed.
  • Resilience: Ability to withstand and recover from disruptions, failures, or attacks.
  • Cost: Balancing infrastructure expenses with budgetary constraints and business needs.
  • Responsiveness: Ability to quickly adapt and scale infrastructure to meet changing demands.
  • Scalability: Capacity to expand or shrink resources in response to workload changes.
  • Ease of Deployment: Simplifying the process of deploying and configuring infrastructure components.
  • Risk Transference: Shifting security and operational risks to third-party service providers or insurance mechanisms.
  • Ease of Recovery: Simplifying and accelerating the restoration of services after disruptions or failures.
  • Patch Availability: Timely availability of software patches and updates to address vulnerabilities and improve security.
  • Inability to Patch: Addressing challenges associated with patching legacy or embedded systems that cannot be easily updated.
  • Power: Ensuring sufficient and reliable power supply to support infrastructure operations.
  • Compute: Managing computational resources to meet performance requirements and optimize resource utilization

3.2 Given a scenario, apply security principles to secure enterprise infrastructure.

Infrastructure Considerations:

  • Device Placement: Strategic positioning of network devices and assets to optimize performance, security, and accessibility.
  • Security Zones: Segregation of network resources into distinct zones based on security requirements and trust levels.
  • Attack Surface: Total sum of vulnerabilities and entry points that attackers can exploit to compromise a system or network.
  • Connectivity: Establishing reliable connections between network components while considering bandwidth, latency, and reliability.

Failure Modes:

  • Fail-Open: Devices or systems that default to an open state when they encounter a failure, potentially exposing the network to risks.
  • Fail-Closed: Devices or systems that default to a closed or secure state when they encounter a failure, preventing unauthorized access.

Device Attribute

  • Active vs. Passive: Active devices perform actions on data packets (e.g., firewalls), while passive devices observe and analyze network traffic (e.g., network monitoring tools).
  • Inline vs. Tap/Monitor: Inline devices sit directly in the data path and can actively intercept or modify traffic, whereas tap/monitor devices passively monitor traffic without interrupting the flow.

Network Appliances:

  • Jump Server: Intermediate server used to access and manage devices in a separate, more secure network segment.
  • Proxy Server: Intermediary server that acts as an intermediary between clients and other servers, providing various functionalities such as caching, filtering, and anonymization.
  • Intrusion Prevention System (IPS) / Intrusion Detection System (IDS): Security appliances designed to monitor network traffic for suspicious activity and take action to prevent or mitigate attacks.
  • Load Balancer: Device that distributes incoming network traffic across multiple servers to optimize resource utilization, improve scalability, and enhance reliability.
  • Sensors: Devices that collect data from the environment or network for monitoring and analysis, often used for security monitoring and threat detection.

Port Security:

  • 802.1X: IEEE standard for port-based network access control, allowing authentication and authorization of devices before granting access to the network.
  • Extensible Authentication Protocol (EAP): Framework for network authentication methods used in 802.1X and other authentication protocols.

Firewall Types:

  • Web Application Firewall (WAF): Firewall specifically designed to protect web applications from common web-based attacks.
  • Unified Threat Management (UTM): Comprehensive security appliance that combines multiple security features such as firewall, antivirus, intrusion detection, and content filtering into a single platform.
  • Next-Generation Firewall (NGFW): Firewall appliance that integrates traditional firewall capabilities with advanced security features like application awareness, intrusion prevention, and deep packet inspection.
  • Layer 4/Layer 7: Classifies firewalls based on the layers of the OSI model they operate at, with Layer 4 firewalls filtering traffic based on IP addresses and port numbers, while Layer 7 firewalls can inspect and filter traffic based on application-layer data.

Secure Communication/Access:

  • Virtual Private Network (VPN): Secure encrypted tunnel that allows remote users to securely access the organization’s network resources over the internet.
  • Remote Access: Provision of secure access to network resources for users located outside the organization’s premises.

Tunneling:

  • Transport Layer Security (TLS): Protocol that provides secure communication over a computer network, commonly used for securing web traffic.
  • Internet Protocol Security (IPSec): Suite of protocols for securing IP communications by authenticating and encrypting each IP packet of a data stream.
  • Software-Defined Wide Area Network (SD-WAN): Approach to network connectivity that uses software-defined networking (SDN) to intelligently route traffic across the WAN, optimizing performance and reducing costs.
  • Secure Access Service Edge (SASE): Converged networking and security architecture that combines WAN capabilities with cloud-native security functions to support secure remote access and direct-to-cloud connectivity.

Selection of Effective Controls:

Choosing and implementing security controls based on risk assessments, compliance requirements, organizational needs, and industry best practices to mitigate threats and vulnerabilities effectively.

3.3 Compare and contrast concepts and strategies to protect data.

Data Types:

  • Regulated: Data subject to specific laws and regulations governing its collection, storage, processing, and sharing, such as personal health information (PHI) under HIPAA or financial data under PCI DSS.
  • Trade Secret: Proprietary information that provides a competitive advantage to a business and is protected by intellectual property laws.
  • Intellectual Property: Creations of the mind, such as inventions, literary and artistic works, designs, symbols, and trade secrets, protected by copyright, patents, and trademarks.
  • Legal Information: Data related to legal matters, including contracts, litigation documents, and attorney-client privileged communications.
  • Financial Information: Data concerning financial transactions, accounts, investments, and assets, which may include personally identifiable information (PII) and payment card data.
  • Human- and Non-Human-Readable: Data formats that can be understood by humans (e.g., text, images) and those intended for machine processing (e.g., binary, encrypted data).

Data Classifications:

  • Sensitive: Data that requires protection due to its sensitivity and potential impact on individuals, organizations, or society if compromised.
  • Confidential: Data that should be kept private and disclosed only to authorized individuals or entities, often subject to confidentiality agreements or laws.
  • Public: Data intended for unrestricted access and sharing, typically non- sensitive information that can be freely distributed.
  • Restricted: Data with limited access based on specific criteria or authorization requirements, often containing sensitive or confidential information.
  • Private: Data designated for internal use within an organization and not intended for public disclosure.
  • Critical: Data essential to the operation or mission of an organization, the loss or compromise of which could have severe consequences.

General Data Considerations:

Data States:

  • Data at Rest: Data stored in databases, files, or other storage systems.
  • Data in Transit: Data being transmitted over a network or communication channel.
  • Data in Use: Data actively being processed or accessed by applications or users.
  • Data Sovereignty: Legal concept specifying the jurisdiction under which data is subject to the laws and regulations of a particular country or region.
  • Geolocation: Identification of the physical location or origin of data, which may have implications for data privacy, security, and compliance.

Methods to Secure Data:

  • Geographic Restrictions: Limiting access to data based on the geographic location of users or devices.
  • Encryption: Converting data into a ciphertext format using cryptographic algorithms to prevent unauthorized access.
  • Hashing: Generating a unique fixed-size string (hash value) from data input, commonly used for data integrity verification.
  • Masking: Concealing specific portions of data to prevent unauthorized disclosure while maintaining usability for authorized purposes.
  • Tokenization: Substituting sensitive data with a non-sensitive equivalent (token) that retains the format and length of the original data but has no exploitable value.
  • Obfuscation: Intentionally obscuring or hiding data to make it unintelligible or harder to interpret for unauthorized parties.
  • Segmentation: Dividing networks or systems into isolated segments to contain the spread of threats and limit unauthorized access.
  • Permission Restrictions: Applying access controls and permissions to data based on user roles, privileges, or other criteria to enforce the principle of least privilege.

3.4 Explain the importance of resilience and recovery in security architecture.

High Availability:

Load Balancing vs. Clustering:

  • Load Balancing: Distributing incoming network traffic across multiple servers to optimize resource utilization, maximize throughput, and ensure high availability.
  • Clustering: Connecting multiple independent servers or nodes to work together as a single system, providing redundancy and fault tolerance.

Site Considerations:

  • Hot Site: Fully equipped facility with infrastructure and systems ready to be operational within a short time frame after a disaster.
  • Cold Site: Facility lacking pre-installed infrastructure and systems, requiring setup and configuration before becoming operational after a disaster.
  • Warm Site: Partially equipped facility with some infrastructure and systems in place, reducing the time required for setup compared to a cold site.
  • Geographic Dispersion: Spreading critical infrastructure and resources across multiple locations to minimize the impact of regional disasters or disruptions.

Platform Diversity:

Utilizing a variety of hardware, software, and cloud platforms to mitigate the risk of single points of failure and enhance overall system resilience.

Multi-cloud Systems:

Deploying applications and services across multiple cloud providers to increase redundancy, avoid vendor lock-in, and enhance flexibility and resilience.

Continuity of Operations:

Ensuring the uninterrupted availability of critical business functions and processes during and after disruptive events or disasters.

Capacity Planning:

  • People: Ensuring the availability of skilled personnel to manage and support IT systems during normal operations and emergencies.
  • Technology: Assessing and allocating resources to meet current and future demands, including hardware, software, and network infrastructure.
  • Infrastructure: Scaling and optimizing IT infrastructure to accommodate changes in workload, user demand, and business requirements.

Testing:

  • Tabletop Exercises: Simulated discussions and walkthroughs of disaster scenarios to evaluate preparedness, identify gaps, and refine response plans.
  • Failover: Testing the automatic or manual transfer of operations from a primary to a secondary system or site to ensure continuity.
  • Simulation: Emulating real-world scenarios to assess the effectiveness of disaster recovery and business continuity plans.
  • Parallel Processing: Executing tasks simultaneously across multiple systems or nodes to improve performance and resilience.

Backups:

  • Onsite/Offsite: Storing backup copies of data and systems either onsite (within the same physical location) or offsite (at a separate location).
  • Frequency: Establishing regular backup schedules based on the criticality of data and business requirements.
  • Encryption: Protecting backup data with encryption to safeguard confidentiality and prevent unauthorized access.
  • Snapshots: Capturing point-in-time copies of data for quick recovery and data consistency purposes.
  • Recovery: Implementing procedures and tools to restore data and systems to a functional state after a disruption or failure.
  • Replication: Creating duplicate copies of data or systems in real-time or near-real-time to maintain redundancy and availability.
  • Journaling: Recording changes made to data or systems over time to facilitate recovery and rollback procedures.

Power:

  • Generators: Backup power sources that can provide electricity during outages or emergencies.
  • Uninterruptible Power Supply (UPS): Devices that provide short-term power backup and surge protection to prevent data loss or equipment damage.
Previous Next
Subscribe To Our Newsletter

We’ll share with you test preparation tips, exam updates, and exclusive deals.

About Us
Contact Us
Blog
Privacy Policy
FAQs
Terms of Use