| Network Security Architecture Design and Security Model |
The CISSP exam covers 10 domains, one of which is
Requires Membership to View
To gain access to this and all member only content, please provide the following information:
By submitting your registration information to SearchSecurityChannel.com you agree to receive email communications from the TechTarget network of sites, and/or third party content providers that have relationships with TechTarget, based on your topic interests and activity, including updates on new content, event notifications, new site launches and market research surveys. Please verify all information and selections above. You may unsubscribe at any time from one or more of the services you have selected by editing your profile, unsubscribing via email or by contacting us here
- Your use of SearchSecurityChannel.com is governed by our Terms of Use
- We designed our Privacy Policy to provide you with important disclosures about how we collect and use your registration and other information. We encourage you to read the Privacy Policy, and to use it to help make informed decisions.
- If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States.
network
security architecture design and security models. This domain pertains to security models
involving operating systems and network architectures. Those taking the CISSP exam will need to
know about security for various platform architectures, layered networking models, application
attacks such as buffer overflows and DDoS, and operating system principles.
Use these resources and expert advice, which are a part of our CISSP Study Guide, to ensure your knowledge of security architecture and design, then test your knowledge with our network security architecture and design quiz, written by CISSP All-in-one Exam Guide author Shon Harris. Visit our library of study guides to see the other domains.
CISSP Essentials training: Domain 4, Security Models and Architecture
In this SearchSecurity.com CISSP Essentials Security School lesson on Domain 4, Security Models and
Architecture, noted CISSP certification exam trainer Shon Harris explores the framework and
structures that make up typical computer systems.
In this video presentation from CISSP Essentials, learn about the evolution of security models and evaluation methods, which have historically struggled to keep pace with changing technology needs.
CISSP spotlight article: Domain 4, Security Models and Architecture
In this SearchSecurity.com CISSP Essentials Security School lesson spotlight article, expert Shon
Harris investigates the framework and structures that make up typical computer systems and sketches the
evolution of security models and evaluation methods.
Cloud computing security model overview: Network infrastructure issues
Cloud computing has gained popularity in a weakened economy as enterprises seek ways to save money,
but as is often the case with emerging technologies, it presents certain risks that could open an
organization to security vulnerabilities and threats.
In this primer on cloud computing security, learn about the basics of data security in the cloud, how to secure network infrastructure and devices that interact with cloud-based services and the threats and attacks that pose a risk to enterprises.
How to align an information security framework to your business model
In years past, the use of guidelines from the IT
Governance Institute, the National Institute for
Standards in Technology (NIST) and ISACA's COBIT
were used as a basis for developing an information security framework. While these guidelines are
still critical to the success of a security program, they don't easily translate into an accepted
business model that will drive an organization's strategic plan.
CISOs should consider blending traditional business models with information security frameworks, and not rely solely on regulations to drive security programs. In this tip, contributor Ravila Helen White explains how to do just that.
Defining authentication system security weaknesses to combat hackers
It's extremely common for hackers to try to brute-force their way into a system by guessing
commonly used user IDs and passwords. Considering, it's worth putting your authentication system
security practices under a magnifying glass to uncover any authentication weaknesses.
In this tip, which focuses on hardening network access and authentication system security to combat hacker attacks, learn how to define authentication system security flaws and address weaknesses.
Windows 7 security guide: Best practices on security for Windows 7
This Windows 7 learning guide reviews the new and improved security features of the updated
operating system, including Windows AppLocker and Bitlocker.
In this series, learn more about Windows 7 system security and how to use the operating systems features to protect against Windows 7 attacks, as well as how to prevent attacks against applications that run on Windows 7.
Web application attacks security guide: Preventing attacks and flaws
Web applications attacks can cost organizations time and money and lead to expensive and embarrassing data security breaches, making thorough defense strategies and defense mechanisms imperative for every organization.
This Web application attacks learning guide explains how Web application attacks occur, identifies Web application attack types, such as buffer overflows and DDoS attacks, and highlights Web application security tools and tactics to protect against them.
Return to the CISSP Study Guide.
About the author
Shon Harris, CISSP, MCSE, is the president of Logical Security, an IT security consulting
and training company. She is a former engineer in the Air Force's Information Warfare unit, an
instructor and the best-selling author of the previous three editions of this book. Shon has taught
computer and information security to a wide range of clients, including RSA, the Department of
Defense, the Department of Energy, the National Security Agency and many more.
This was first published in June 2008