What Term Describes A Layered Security Approach That Provides The Comprehensive Protection?
What Term Describes A Layered Security Approach That Provides The Comprehensive Protection?
Share
Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
What Term Describes A Layered Security Approach That Provides The Comprehensive Protection?
The defense in-depth will describe the layered security approach that provides the comprehensive problem. Today let us discuss the defense-in-depth in detail.
Normally there are threats to every system that are present. There are several attackers who are trying to exploit them.
If we want to secure the system, firstly we need to consider the concept of the defense in depth.
Now let us actually know what actually the defense in depth means?
This defense in depth principle states that there is none or at least two things that will be secured completely in a system.
The main use of this is if one of the parts of the security system fails, then the other part of it must be able to resist the attack.
In a practical way, it represents the application of security for the layers.
Let us take an example to understand this concept in detail.
Here we can able to have the firewall and we can also have an IPS that is present on the edge of the network.
Here, after the firewall that means behind the firewall, there may consist of the email scanning service and on the work station, it may consist of the anti virus software.
For suppose if the attacker tries to send some of the malicious information or messages through this email.
Here the firewall and the IPS may not be able to pick the application which is of malicious information.
For this, we need to rely on the email scanner. Here if the email scanner is also down because of some of the circumstances. Let say the email scanner may have crashed. Hence, this email scanner cannot be able to pick the malicious information that is sent by the user.
Here we do not need to worry about that thing, but we have antivirus software that is present at the back of the email scanner. This will be able to protect or prevent from getting malicious information into the system.
We can learn this in detail in the defense in depth principle, this defense in depth will be able to reduce the risk and will able to provide the expensive security breach between it.
Here the common security mistake that occurs in many of the system users will mostly rely on the firewall.
But it will not be a safe thing to always rely on the firewalls. many people think that having a firewall can able to prevent the system from malicious information.
But it is not true in every possible case. Let us take an example to understand this concept in detail. Let say that the firewall will be using the IP addresses and the port numbers in order to allow or to deny the traffic that is coming. All this can be done by some of the advanced security firewalls that are present. This advanced firewall can able to determine if any attackers are trying to send malicious information.