Lesson 3: Domain 3 – Security Architecture and Engineering
1. Overview of Security Architecture and Engineering
1.1 Purpose and Scope
- Definition: Security Architecture and Engineering is the discipline focused on designing and building secure systems and environments. It encompasses the strategic design of security controls, processes, and technical architectures to protect information assets.
- Importance: This domain ensures that security is built into the fabric of an organization's IT infrastructure. It bridges the gap between theoretical security models and practical, real-world implementation.
- Key Objectives:
  - Establish a secure baseline for systems and networks.
  - Integrate security principles into all phases of system development.
  - Provide a framework to mitigate emerging threats and vulnerabilities.
2. Secure Design Principles and Frameworks
2.1 Core Principles of Secure Design
- Least Privilege: Ensure that users and systems have only the access necessary for their functions.
- Separation of Duties: Distribute tasks and privileges to minimize the risk of fraud or error.
- Fail-Safe Defaults: Design systems so that, by default, access is denied unless explicitly granted.
- Economy of Mechanism: Keep designs as simple as possible to reduce vulnerabilities.
- Complete Mediation: Every access attempt must be checked for authority.
- Open Design: Security should not depend on secrecy of design or implementation.
2.2 Architectural Frameworks
- TOGAF (The Open Group Architecture Framework): Provides a structured approach for designing, planning, and implementing enterprise architecture with security as a critical component.
- SABSA (Sherwood Applied Business Security Architecture): Focuses on aligning security strategies with business objectives, using a layered approach to design security architecture.
- Discussion: Compare and contrast these frameworks and discuss when each is most appropriate for different organizational contexts.
3. Security Models and Concepts
3.1 Common Security Models
- Bell-LaPadula Model: Emphasizes data confidentiality, using the rules "no read up" and "no write down" to prevent unauthorized information flow.
- Biba Model: Focuses on data integrity, preventing unauthorized modification of information.
- Clark-Wilson Model: Emphasizes well-formed transactions and separation of duties to ensure data integrity and prevent fraud.
- Application: Evaluate real-world scenarios where these models influence access control and data handling decisions.
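As an added worked example (not part of the original lesson), the following toy reference monitor enforces the Bell-LaPadula rules ("no read up", "no write down") and the Biba rules ("no read down", "no write up") over a single ordered set of labels; the level names, subjects and objects are constructed sample values.

```python
# Toy reference monitor for Bell-LaPadula (confidentiality) and Biba
# (integrity). Levels, subjects and objects below are constructed samples.
from dataclasses import dataclass

# Ordered levels, lowest first; the same ordering is reused for both models.
LEVELS = ("PUBLIC", "INTERNAL", "CONFIDENTIAL", "SECRET")
RANK = {name: i for i, name in enumerate(LEVELS)}

@dataclass(frozen=True)
class Subject:
    name: str
    clearance: str   # BLP: highest sensitivity the subject may see
    integrity: str   # Biba: how trustworthy the subject is

@dataclass(frozen=True)
class Obj:
    name: str
    classification: str  # BLP sensitivity label
    integrity: str       # Biba integrity label

def blp_allows(subject, obj, op):
    """Bell-LaPadula: simple security property (read) and *-property (write)."""
    s, o = RANK[subject.clearance], RANK[obj.classification]
    if op == "read":
        return s >= o          # no read up
    if op == "write":
        return s <= o          # no write down
    return False               # fail-safe default: unknown operation is denied

def biba_allows(subject, obj, op):
    """Biba: simple integrity property (read) and integrity *-property (write)."""
    s, o = RANK[subject.integrity], RANK[obj.integrity]
    if op == "read":
        return s <= o          # no read down (do not trust lower-integrity data)
    if op == "write":
        return s >= o          # no write up (do not taint higher-integrity data)
    return False               # fail-safe default

def mediate(subject, obj, op):
    """Complete mediation: every request is checked against both models; any deny wins."""
    return blp_allows(subject, obj, op) and biba_allows(subject, obj, op)
```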
3.2 Access Control Models
- Mandatory Access Control (MAC): Access decisions are based on fixed policies determined by the system.
- Discretionary Access Control (DAC): Access is determined by the owner of the resource.
- Role-Based Access Control (RBAC): Access is based on the roles assigned to users, aligning with job responsibilities.
- Exam Tip: Understand the differences among these models and the contexts in which they are best applied.
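The following added example (not from the original lesson) shows a minimal RBAC decision function that also applies two of the secure design principles from section 2.1: fail-safe defaults (deny unless a held role grants the permission) and separation of duties (a user may not hold two roles declared mutually exclusive). The roles, permissions and users are constructed sample values.

```python
# Minimal RBAC with default deny and separation-of-duties checks.
# The policy below is a constructed sample, not a real deployment.

# Role -> set of permissions that role grants.
ROLE_PERMISSIONS = {
    "clerk":    {"payment:create"},
    "approver": {"payment:approve"},
    "auditor":  {"payment:read", "log:read"},
}

# Role pairs that no single user may hold at the same time (separation of duties).
EXCLUSIVE_ROLES = {frozenset({"clerk", "approver"})}

def assign_role(user_roles, user, role):
    """Grant `role` to `user` in the `user_roles` mapping.

    Refuses unknown roles and any assignment that would give the user both
    halves of a mutually exclusive pair. Returns True only if the role was added.
    """
    if role not in ROLE_PERMISSIONS:
        return False                       # unknown role: grant nothing
    current = user_roles.setdefault(user, set())
    for held in current:
        if frozenset({held, role}) in EXCLUSIVE_ROLES:
            return False                   # separation-of-duties violation
    current.add(role)
    return True

def is_permitted(user_roles, user, permission):
    """RBAC decision: permitted only if some held role grants the permission."""
    for role in user_roles.get(user, ()):
        if permission in ROLE_PERMISSIONS.get(role, ()):
            return True
    return False                           # fail-safe default: deny
```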
4. Cryptography in Security Architecture
4.1 Cryptographic Fundamentals
- Purpose: Cryptography is essential for protecting data confidentiality, ensuring integrity, and authenticating identities.
- Key Types:
  - Symmetric Encryption: Uses a single key for both encryption and decryption.
  - Asymmetric Encryption: Uses a public-private key pair, offering benefits for secure key exchange.
- Digital Signatures and Certificates: Ensure authenticity and non-repudiation in digital communications.
- Key Management: Critical for maintaining the security of cryptographic systems, covering key generation, distribution, storage, and destruction.
4.2 Cryptographic Algorithms and Protocols
- Examples: AES (Advanced Encryption Standard) for symmetric encryption; RSA and ECC (Elliptic Curve Cryptography) for asymmetric encryption.
- Secure Protocols: TLS/SSL for secure web communications; IPSec for secure network layer communications.
- Case Study: Explore how a financial institution uses a layered cryptographic approach to secure online transactions.
- Exam Insight: Focus on understanding how and why different algorithms are used, as well as the challenges associated with key management.
5. Security Controls and Countermeasures
5.1 Types of Security Controls
- Preventive Controls: Aim to avoid security incidents (e.g., firewalls, access control mechanisms).
- Detective Controls: Identify and alert on security breaches (e.g., intrusion detection systems, log monitoring).
- Corrective Controls: Facilitate recovery after an incident (e.g., backups, incident response plans).
5.2 Engineering Controls
- Physical Controls: Secure the hardware and physical environment through locks, surveillance, and environmental controls.
- Technical Controls: Include software-based measures such as antivirus, encryption, and secure coding practices.
- Administrative Controls: Policies, procedures, and guidelines that ensure proper management of security practices.
6. Secure Network Architecture and Design
6.1 Network Segmentation and Isolation
- Concepts: Divide a network into segments (e.g., VLANs, DMZs) to contain breaches and limit lateral movement.
- Implementation: Use firewalls, routers, and network access control (NAC) systems to enforce segmentation.
- Zero Trust Architecture: Adopt the "never trust, always verify" approach by assuming that threats exist both inside and outside the network perimeter.
6.2 Secure Protocols and Communication Channels
- VPNs and Secure Tunneling: Establish encrypted tunnels for remote access.
- Secure Web Protocols: Use HTTPS, SSL/TLS, and secure email protocols to protect data in transit.
- Best Practices: Regularly update and patch network devices to mitigate vulnerabilities.
7. Vulnerability and Threat Modeling
7.1 Identifying Vulnerabilities
- Common Vulnerabilities: Software bugs, configuration errors, and architectural weaknesses.
- Assessment Techniques: Use vulnerability scanning, penetration testing, and security audits to identify weaknesses.
7.2 Threat Modeling
- Purpose: Systematically identify and prioritize potential threats to an organization's assets.
- Methodologies: STRIDE (Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege) is commonly used to categorize threats.
- Exercise: Develop a threat model for a hypothetical web application, mapping vulnerabilities to potential threats and proposing mitigations.
8. Security Engineering Life Cycle
8.1 Secure System Development Life Cycle (SSDLC)
- Phases:
  - Requirements Gathering: Identify security requirements early.
  - Design: Incorporate security principles into system architecture.
  - Implementation: Follow secure coding standards and best practices.
  - Verification: Conduct thorough testing (e.g., penetration testing, code reviews).
  - Deployment and Maintenance: Ensure ongoing monitoring, updates, and incident response.
- Integration of Security Testing: Include regular vulnerability assessments and security audits throughout the life cycle.
- Real-World Example: Discuss how an enterprise applies SSDLC principles to minimize risks during software development.
9. Exam Tips and Practical Exercises
9.1 Key Takeaways
- Understand Core Concepts: Master secure design principles, cryptographic fundamentals, and network architecture basics.
- Practical Application: Work through case studies and threat modeling exercises to relate theoretical knowledge to real-world scenarios.
- Review Security Models: Be prepared to compare and contrast models like Bell-LaPadula, Biba, and Clark-Wilson.
- Stay Current: Follow updates on cryptographic standards and evolving network security practices.
9.2 Sample Exam Questions
- Scenario-Based Questions: For example, "Given a scenario where an organization must secure a remote workforce, explain how you would implement a zero trust architecture and which network segmentation techniques you would employ."
- Conceptual Questions: Questions that require explaining the differences between symmetric and asymmetric encryption, or discussing the benefits of a layered defense strategy.
9.3 Practical Exercises
- Design Challenge: Create a secure network diagram for a mid-sized enterprise, including segmentation, secure communications, and integration of cryptographic controls.
- Vulnerability Assessment: Perform a mock vulnerability analysis on a sample system to identify and document potential weaknesses.
10. Conclusion and Transition to Next Lesson
This lesson has provided an in-depth exploration of Security Architecture and Engineering, covering fundamental design principles, security models, cryptographic techniques, and secure network architectures. By understanding these concepts, you build a solid foundation for developing secure systems that effectively mitigate modern threats.