Chapter 10
Defense-in-Depth Security Architectures
THE COMPTIA CYBERSECURITY ANALYST+ EXAM OBJECTIVES COVERED IN THIS CHAPTER INCLUDE:
- Domain 4: Security Architecture and Tool Sets
- ✓ 4.3 Given a scenario, review security architecture and make recommendations to implement compensating controls.
A well-designed security architecture design seeks to eliminate, or at least minimize, the number of points where a single failure can lead to a breach. The controls that make up each of the layers of security for an organization can include technical controls, administrative controls, and physical controls that prevent, detect, or correct issues.
In the first half of this chapter, we will explore defense-in-depth designs and layered security concepts. We will then look at how those concepts are implemented via network designs, host security models, administrative security tools and techniques, and personnel security practices. Together, these techniques and design elements can create...