Enterprise Security Architecture

Enterprise Security Architecture by Mind Map: Enterprise Security Architecture

1. Chapter 01: Enterprise Security Overview

1.1. The Idea and Facade of Enterprise Security

1.1.1. The History and Making of the Facade

1.1.2. The Idea of Security

1.1.2.1. What it is

1.1.2.2. What it should be

1.2. Enterprise Security Challenges

1.2.1. Shortcomings of Current Security Architecture

1.2.2. Communicating Information Security

1.2.3. The Cost of Information Security

1.2.4. The Conflicting Message of Information Security

1.3. Proving A Negative

1.4. The Roadmap to Securing the Enterprise

1.4.1. Roadmap Components

1.4.1.1. Defining Users

1.4.1.2. Defining Applications

1.4.1.3. Defining Data

1.4.1.4. Defining Roles

1.4.1.5. Defining Processes

1.4.1.6. Defining Policies and Standards

1.4.1.7. Defining Network Architecture

2. Chapter 02: Security Architectures

2.1. Redefining the Network Edge

2.1.1. Drivers for Redefinition

2.1.1.1. Feature Rich Web Apps

2.1.1.2. Business Partner Services

2.1.1.3. Misc 3rd Party Services

2.1.1.4. BYOx Management

2.1.1.5. Cloud Initiatives

2.2. Security Architecture Models

2.2.1. Defining Trust Model Building Blocks

2.2.1.1. Defining Data In A Trust Model

2.2.1.1.1. Data Locations

2.2.1.1.2. Data Types

2.2.1.2. Defining Processes In A Trust Model

2.2.1.3. Defining Applications In A Trust Model

2.2.1.4. Defining Roles In A Trust Model

2.2.1.5. Defining Users In A Trust Model

2.2.1.6. Defining Policies and Standards

2.2.2. Enterprise Trust Models

2.2.2.1. Business Roles

2.2.2.2. IT Roles

2.2.2.2.1. Application User (External)

2.2.2.2.2. Application Owner (Business Partner)

2.2.2.2.3. System Owner (Contractor)

2.2.2.2.4. Data Owner (Internal)

2.2.2.2.5. Security Administrator

2.2.2.2.6. Automation

2.2.3. Micro Architectures

2.2.4. Data Risk Centric Architectures

2.2.5. BYOx Initiatives

2.2.5.1. Bring Your Own Device

2.2.5.2. Bring Your Own PC

3. Chapter 03: Security As A Process

3.1. Risk Analysis

3.1.1. What is risk analysis?

3.1.1.1. Assessing Threats

3.1.1.2. Assessing Impact

3.1.1.3. Assessing Probability

3.1.1.4. Assessing Risk

3.1.1.4.1. Qualitative Risk Analysis

3.1.1.4.2. Quantitative Risk Analysis

3.1.2. Applying Risk Analysis To Trust Models

3.1.3. Deciding on A Risk Analysis Methodology

3.1.4. Other Thoughts on Risk and New Enterprise Endeavors

3.2. Policies and Standards

3.2.1. Understanding Proper Security Policy Development

3.2.2. Common Enterprise Security Policies

3.2.2.1. Information Security Policy

3.2.2.2. Acceptable Use Policy

3.2.2.3. Technology Use Policy

3.2.2.4. Remote Access Policy

3.2.2.5. Data Classification Policy

3.2.2.6. Data Handling Policy

3.2.2.7. Data Destruction Policy

3.2.2.8. Data Retention Policy

3.2.3. Policies for Emerging Technologies

3.2.3.1. Policy Considerations

3.2.3.2. Emerging Technology Challenges

3.2.4. Developing Enterprise Security Standards

3.2.4.1. Common IT Security Standards

3.2.4.1.1. Wireless Network Security Standard

3.2.4.1.2. Enterprise Monitoring Standard

3.2.4.1.3. Enterprise Encryption Standard

3.2.4.1.4. System Hardening Standard

3.3. Security Review of Changes

3.3.1. Perimeter Security

3.3.2. Data Access Changes

3.3.3. Network Architectural Changes

3.4. Security Exceptions

3.5. Vulnerability Management

3.6. SDLC

3.7. Appendix

3.7.1. Resources for Risk Analysis

3.7.2. Resources for Policies and Standards

3.7.3. Resources for System Hardening

4. Chapter 04: Securing the Network

4.1. Overview of Securing the Network

4.2. Next Generation Firewalls

4.2.1. Benefits of the NGFW

4.2.1.1. Application Awareness

4.2.1.2. IPS

4.2.1.3. Advanced Malware Mitigation

4.3. Intrusion Detection and Prevention

4.3.1. Intrusion Detection

4.3.2. Intrusion Prevention

4.3.3. Detection Methods

4.3.3.1. Behavioural Analysis

4.3.3.2. Anomaly Detection

4.3.3.3. Signature-Based

4.4. Advanced Persistent Threat Detection and Mitigation

4.5. Securing Network Services

4.5.1. DNS

4.5.1.1. DNS Resolution

4.5.1.2. DNS Zone Transfer

4.5.1.3. DNS Records

4.5.1.4. DNSSEC

4.5.2. Email

4.5.2.1. SPAM Filtering

4.5.2.1.1. SPAM Filtering in the Cloud

4.5.2.1.2. Local SPAM Filtering

4.5.2.2. SPAM Relaying

4.5.3. File Transfer

4.5.3.1. Implementation Considerations

4.5.3.1.1. Secure File Transfer Protocols

4.5.3.1.2. User Authentication

4.5.4. User Internet Access

4.5.5. Websites

4.5.5.1. Secure Coding

4.5.5.2. NGFW

4.5.5.3. IPS

4.5.5.4. Web App Firewall

4.5.5.5. Database Encryption

4.5.5.5.1. The Need for Database Encryption

4.5.5.5.2. Methods of Database Encryption

4.6. Network Segmentation

4.6.1. Network Segmentation Strategy

4.6.1.1. Asset Identification

4.6.1.2. Security Mechanisms

4.7. Applying Security Architecture to the Network

4.7.1. Security Architecture in the DMZ

4.7.2. Security Architecture in the Internal Network

4.7.3. Security Architecture and Network Segmentation

5. Chapter 05: Securing Systems

5.1. System Classification

5.1.1. Implementation Considerations

5.1.2. System Management

5.1.2.1. Asset Inventory Labels

5.1.2.2. System Patching

5.2. File Integrity Monitoring

5.2.1. FIM Implementation Challenges

5.2.2. Implementing File Integrity Monitoring

5.2.2.1. Real-time File Integrity Monitoring

5.2.2.2. Manual Mode File Integrity Monitoring
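
The manual-mode approach under 5.2.2.2 comes down to three steps: hash every file once to build a trusted baseline, keep that baseline off the monitored host, and diff a later scan against it. The following Python is an added example written for this outline, not code from the book; it uses only the standard library, and the directory tree, file names and "tampering" in `demo()` are constructed here to exercise the three outcomes (added, removed, changed), including a permission-only change that a content hash alone would miss.

```python
"""Manual-mode file integrity monitoring (added example, standard library only).

Build a baseline of content hash + permission bits + size for every regular
file under a root, keep that baseline off-host, and diff a later scan against it.
"""
import hashlib
import json
import os
import tempfile
from pathlib import Path
from typing import Dict

CHUNK_SIZE = 1 << 16


def hash_file(path: Path) -> str:
    """SHA-256 of a file, streamed so large binaries are not read into memory."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(CHUNK_SIZE), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_baseline(root: Path) -> Dict[str, dict]:
    """Record hash, mode and size per regular file. Symlinks are skipped so a
    link pointing at attacker-controlled content is never hashed in place."""
    baseline: Dict[str, dict] = {}
    for path in sorted(root.rglob("*")):
        if path.is_symlink() or not path.is_file():
            continue
        st = path.stat()
        baseline[path.relative_to(root).as_posix()] = {
            "sha256": hash_file(path),
            "mode": oct(st.st_mode & 0o7777),
            "size": st.st_size,
        }
    return baseline


def compare(baseline: Dict[str, dict], current: Dict[str, dict]) -> Dict[str, list]:
    """Files added, removed, or changed (content OR mode OR size) since baseline."""
    old, new = set(baseline), set(current)
    return {
        "added": sorted(new - old),
        "removed": sorted(old - new),
        "changed": sorted(k for k in old & new if baseline[k] != current[k]),
    }


def demo() -> Dict[str, list]:
    """Constructed scenario: baseline a small tree, tamper with it, rescan."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "etc").mkdir()
        (root / "bin").mkdir()
        sshd = root / "etc" / "sshd_config"
        shadow = root / "etc" / "shadow"
        motd = root / "etc" / "motd"
        ls = root / "bin" / "ls"
        sshd.write_text("PermitRootLogin no\n")
        shadow.write_text("root:*:19000:0:99999:7:::\n")
        os.chmod(shadow, 0o600)
        motd.write_text("Authorised users only.\n")
        ls.write_bytes(b"\x7fELF\x02\x01\x01 original binary")

        # Serialised baseline: the copy you would store off the monitored host.
        stored = json.dumps(build_baseline(root))

        # Simulated tampering between the two scans:
        sshd.write_text("PermitRootLogin yes\n")                       # content change
        os.chmod(shadow, 0o644)                                         # mode change only
        motd.unlink()                                                   # file removed
        ls.rename(root / "bin" / "ls.bak")                              # original moved aside
        (root / "bin" / "ls").write_bytes(b"#!/bin/sh\nexec /tmp/.x \"$@\"\n")  # trojaned

        return compare(json.loads(stored), build_baseline(root))


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Because `compare` treats the whole record as the unit of change, a `chmod` on an otherwise untouched file is reported alongside content replacements; the scan runs with the same hashing code each time, so the baseline copy, not the host, is the trust anchor.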

5.3. Application Whitelisting

5.3.1. Application Whitelisting Implementation Challenges

5.4. Host Intrusion Detection

5.4.1. Challenges to HIPS Implementation

5.5. Host Firewall

5.5.1. Challenges to Host Firewall Implementation

5.6. Anti-virus

5.6.1. Signature Based Anti-virus

5.6.2. Heuristic Anti-virus

5.6.3. Challenges of Anti-virus

5.7. User Account Management

5.7.1. User Roles and Permissions

5.7.2. User Account Auditing

5.8. Policy Enforcement

5.9. Summary

6. Chapter 06: Securing Data

6.1. Data Classification

6.1.1. Identifying Enterprise Data

6.1.1.1. Data Types

6.1.1.2. Data Locations

6.1.1.3. Automating Discovery

6.1.1.4. Assign Data Owners

6.1.2. Assign Data Classification

6.2. Data Loss Prevention

6.2.1. Data In Storage

6.2.2. Data In Use

6.2.3. Data In Transit

6.2.4. DLP Implementation

6.2.4.1. DLP Network

6.2.4.2. DLP Email and Web

6.2.4.3. DLP Discover

6.2.4.4. DLP Endpoint

6.3. Encryption and Hashing

6.3.1. Format Preserving Encryption

6.3.2. Key Management

6.3.3. Salting

6.3.4. Hashing

6.3.5. Encryption and Hashing Explained

6.3.5.1. Encryption

6.3.5.1.1. Encrypting Data At Rest

6.3.5.1.2. Encrypting Data At Rest

6.3.5.1.3. Encrypting Data In Transit
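
Items 6.3.3 and 6.3.4 (salting and hashing) are usually explained together for stored credentials, since an unsalted hash lets an attacker recognise every user who shares a password and attack all of them with one precomputed table. The Python below is an added example for this outline, not the book's code: it contrasts an unsalted digest with PBKDF2-HMAC-SHA256 using a random per-user salt, verifies in constant time, and flags hashes whose work factor has fallen behind policy. The iteration count, storage-string layout and sample passwords are assumptions made here.

```python
"""Salted password hashing with PBKDF2-HMAC-SHA256 (added example, stdlib only).

Stored form (assumed layout): 'pbkdf2_sha256$<iterations>$<salt_b64>$<hash_b64>'.
"""
import base64
import hashlib
import hmac
import os
from typing import Optional

ALGORITHM = "pbkdf2_sha256"
ITERATIONS = 600_000   # assumed work factor; raise it as hardware gets faster
SALT_BYTES = 16
KEY_BYTES = 32


def unsalted_hash(password: str) -> str:
    """What NOT to do: identical passwords give identical hashes, so one
    cracked hash (or a precomputed table) exposes every user sharing it."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def hash_password(password: str, salt: Optional[bytes] = None,
                  iterations: int = ITERATIONS) -> str:
    """Hash with a fresh random salt, so storing the same password twice
    yields two different strings and rainbow tables are useless."""
    if salt is None:
        salt = os.urandom(SALT_BYTES)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt,
                             iterations, dklen=KEY_BYTES)
    return "$".join([ALGORITHM, str(iterations),
                     base64.b64encode(salt).decode("ascii"),
                     base64.b64encode(dk).decode("ascii")])


def verify_password(password: str, stored: str) -> bool:
    """Recompute with the stored salt and iteration count, then compare in
    constant time so response timing does not leak how many bytes matched."""
    try:
        algorithm, iterations, salt_b64, hash_b64 = stored.split("$")
        salt = base64.b64decode(salt_b64)
        expected = base64.b64decode(hash_b64)
        rounds = int(iterations)
    except ValueError:
        return False
    if algorithm != ALGORITHM or rounds < 1:
        return False
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt,
                             rounds, dklen=len(expected))
    return hmac.compare_digest(dk, expected)


def needs_rehash(stored: str, iterations: int = ITERATIONS) -> bool:
    """True when a stored hash uses a weaker work factor (or another scheme)
    than current policy; upgrade it at the user's next successful login."""
    parts = stored.split("$")
    return (len(parts) != 4 or parts[0] != ALGORITHM
            or not parts[1].isdigit() or int(parts[1]) < iterations)


if __name__ == "__main__":
    pw = "Winter2024!"   # constructed sample
    print("unsalted, user A:", unsalted_hash(pw))
    print("unsalted, user B:", unsalted_hash(pw), "(identical: shared password is visible)")
    print("salted,   user A:", hash_password(pw))
    print("salted,   user B:", hash_password(pw))
```

The salt is stored in the clear next to the hash; its job is uniqueness, not secrecy. The work factor is what slows offline guessing, which is why `needs_rehash` exists: policy can rise over time without forcing a password reset.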

6.4. Tokenization

6.5. Data Masking
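
The difference between 6.4 and 6.5 is that tokenization is reversible through a vault while masking is one-way display protection. The Python below is an added example for this outline, not the book's code: a vault-style tokenizer that mints a random, format-preserving token (same length, digits only, same last four) which deliberately fails the Luhn check so it cannot pass for a real card number, plus a masking function for screens and logs. The in-memory dictionaries stand in for a vault that would live in a separately protected store, and the card numbers used are standard test numbers, not real accounts.

```python
"""Vault-style tokenization and display masking of card numbers (added example).

A token carries no mathematical relationship to the PAN; the only way back is
the vault's lookup table, which this example keeps in memory for illustration.
"""
import secrets
from typing import Dict

DIGITS = "0123456789"


def luhn_valid(number: str) -> bool:
    """Luhn mod-10 check used by payment card numbers."""
    total = 0
    for i, ch in enumerate(reversed(number)):
        d = int(ch)
        if i % 2 == 1:           # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


class TokenVault:
    def __init__(self) -> None:
        self._pan_to_token: Dict[str, str] = {}
        self._token_to_pan: Dict[str, str] = {}

    def tokenize(self, pan: str) -> str:
        """Return the existing token for a PAN, or mint a new random one that
        keeps length and last four digits but fails Luhn and is unique."""
        if not (pan.isdigit() and 13 <= len(pan) <= 19 and luhn_valid(pan)):
            raise ValueError("not a well-formed card number")
        if pan in self._pan_to_token:
            return self._pan_to_token[pan]
        while True:
            body = "".join(secrets.choice(DIGITS) for _ in range(len(pan) - 4))
            candidate = body + pan[-4:]
            if (candidate != pan and not luhn_valid(candidate)
                    and candidate not in self._token_to_pan):
                break
        self._pan_to_token[pan] = candidate
        self._token_to_pan[candidate] = pan
        return candidate

    def detokenize(self, token: str) -> str:
        """Only callers authorised to reach the vault should be able to do this."""
        return self._token_to_pan[token]


def mask_pan(pan: str, keep_first: int = 6, keep_last: int = 4) -> str:
    """Display masking: show at most the BIN (first six) and last four; star
    the rest. One-way, no vault, no way back to the PAN."""
    if len(pan) <= keep_first + keep_last:
        return "*" * len(pan)
    hidden = len(pan) - keep_first - keep_last
    return pan[:keep_first] + "*" * hidden + pan[-keep_last:]


if __name__ == "__main__":
    vault = TokenVault()
    pan = "4111111111111111"      # standard test number
    token = vault.tokenize(pan)
    print("token:", token, "luhn:", luhn_valid(token))
    print("masked:", mask_pan(pan))
    print("round trip ok:", vault.detokenize(token) == pan)
```

Systems downstream of the vault store and search on the token, so the PAN's exposure is reduced to the vault itself and whatever is allowed to call `detokenize`; masking covers the remaining human-facing surfaces where the full value should never appear.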

6.6. Authorization

6.7. Developing Supporting Processes

6.8. Summary

7. Chapter 07: Wireless Network Security

7.1. Security and Wireless Networks

7.2. Securing Wireless Networks

7.2.1. Unique SSID

7.2.2. Wireless Authentication

7.2.2.1. Shared Key

7.2.2.1.1. Caveats of Shared Key Implementation

7.2.2.2. 802.1X

7.2.2.2.1. Caveats of 802.1X Implementation

7.2.3. Wireless Encryption

7.2.3.1. WEP

7.2.3.2. WPA

7.2.3.3. WPA2

7.3. Wireless Network Implementation

7.3.1. Wireless Network Range

7.3.2. End System Configuration

7.3.3. Wireless Encryption and Authentication Recommendations

7.3.3.1. Client-Side Certificates

7.3.3.2. EAP-TLS

7.3.3.3. Unique System Check

7.4. Wireless Segmentation

7.4.1. Wireless Network Integration

7.5. Wireless Network Intrusion Prevention

7.6. Summary

8. Chapter 08: The Human Element of Security

8.1. Social Engineering

8.1.1. Electronic Communication Methods

8.1.1.1. SPAM Email

8.1.1.1.1. Key Indicators of SPAM Email

8.1.1.1.2. Mitigating SPAM Email

8.1.1.2. Social Media

8.1.1.2.1. Mitigating Social Media Methods

8.1.2. In-Person Methods

8.1.2.1. Mitigating In-Person Methods

8.1.3. Phone Methods

8.1.3.1. Mitigating Phone Methods

8.1.4. Business Networking Sites

8.1.4.1. Mitigating Business Network Site Attacks

8.1.5. Job Posting Sites

8.1.5.1. Mitigating Job Posting Based Attacks

8.2. Security Awareness Training

8.2.1. Training Materials

8.2.1.1. Computer Based Training

8.2.1.2. Classroom Training

8.2.1.3. Associate Surveys

8.2.2. Common Knowledge

8.2.3. Specialized Material

8.2.4. Effective Training

8.2.5. Continued Education and Checks

8.3. Access Denied

8.4. Administrator Access

8.4.1. System Administrator

8.4.2. Data Administrator

8.4.3. Application Administrator

8.5. Physical Security

8.6. Conclusion

9. Chapter 09: Security Monitoring

9.1. Monitor Strategies

9.1.1. Monitoring Based on Trust Models

9.1.1.1. Data Monitoring

9.1.1.2. Process Monitoring

9.1.1.3. Application Monitoring

9.1.1.4. User Monitoring

9.1.2. Monitoring Based on Network Boundary

9.1.3. Monitoring Based on Network Segment

9.2. SIEM

9.3. Privileged User Access

9.3.1. Privileged Data Access

9.3.2. Privileged System Access

9.3.3. Privileged Application Access
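
Section 9.3 is about watching what privileged accounts actually do on systems, which in practice means rules run over sudo and sshd events before they reach the SIEM in 9.2. The Python below is an added example for this outline, not the book's code: four detections over syslog-style auth lines (sudo by an account outside the approved admin set, sudo that spawns an interactive shell, a direct root SSH login, and a brute-force burst from one source). The log lines, host names, addresses, the admin allowlist and the threshold are all constructed here.

```python
"""Privileged-access detections over auth-log lines (added example, stdlib only)."""
import re
from collections import Counter
from typing import Dict, Iterable, List

# Constructed sample in Linux syslog/auth.log format (not real data).
SAMPLE_LOG = """\
Mar 10 09:01:02 db01 sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/bin/systemctl restart postgresql
Mar 10 09:02:15 db01 sshd[2211]: Failed password for invalid user admin from 203.0.113.7 port 51122 ssh2
Mar 10 09:02:17 db01 sshd[2213]: Failed password for invalid user admin from 203.0.113.7 port 51123 ssh2
Mar 10 09:02:19 db01 sshd[2215]: Failed password for root from 203.0.113.7 port 51124 ssh2
Mar 10 09:03:44 db01 sshd[2240]: Failed password for alice from 10.0.5.12 port 60012 ssh2
Mar 10 09:05:40 db01 sudo:      bob : TTY=pts/1 ; PWD=/tmp ; USER=root ; COMMAND=/bin/bash
Mar 10 09:06:01 db01 sshd[2300]: Accepted publickey for root from 198.51.100.9 port 40000 ssh2
"""

SUDO_RE = re.compile(r"sudo:\s+(?P<user>\S+) : .*?USER=(?P<target>\S+) ; COMMAND=(?P<cmd>.*)$")
FAILED_RE = re.compile(r"sshd\[\d+\]: Failed password for (?:invalid user )?(?P<user>\S+) from (?P<ip>\S+)")
ROOT_LOGIN_RE = re.compile(r"sshd\[\d+\]: Accepted \S+ for root from (?P<ip>\S+)")

SUDO_ALLOWLIST = frozenset({"alice"})          # assumed approved administrators
SHELL_COMMANDS = ("/bin/bash", "/bin/sh", "/usr/bin/su", "/bin/su")
FAILED_THRESHOLD = 3                           # assumed burst threshold


def analyze(lines: Iterable[str], allowlist=SUDO_ALLOWLIST,
            threshold: int = FAILED_THRESHOLD) -> List[Dict]:
    """Return alerts in the order they fire; the brute-force rule aggregates
    per source address and fires once the whole input has been read."""
    alerts: List[Dict] = []
    failed_by_ip: Counter = Counter()
    for line in lines:
        m = SUDO_RE.search(line)
        if m:
            user, cmd = m["user"], m["cmd"].strip()
            binary = cmd.split(None, 1)[0] if cmd else ""
            if user not in allowlist:
                alerts.append({"rule": "sudo_by_unapproved_user", "user": user, "cmd": cmd})
            if binary in SHELL_COMMANDS:
                alerts.append({"rule": "sudo_interactive_shell", "user": user, "cmd": cmd})
            continue
        m = FAILED_RE.search(line)
        if m:
            failed_by_ip[m["ip"]] += 1
            continue
        m = ROOT_LOGIN_RE.search(line)
        if m:
            alerts.append({"rule": "direct_root_ssh_login", "ip": m["ip"]})
    for ip, count in failed_by_ip.items():
        if count >= threshold:
            alerts.append({"rule": "ssh_bruteforce", "ip": ip, "count": count})
    return alerts


def run_sample() -> List[Dict]:
    return analyze(SAMPLE_LOG.splitlines())


if __name__ == "__main__":
    for alert in run_sample():
        print(alert)
```

The allowlist rule is the one that depends on the trust model from Chapter 2: it only works if the set of approved administrators is defined and kept current, which is why the monitoring chapter sits downstream of the role definitions rather than beside them.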

9.4. Systems Monitoring

9.4.1. Operating System Monitoring

9.4.2. Host Intrusion Detection System

9.5. Network Security Monitoring

9.5.1. Next Generation Firewalls

9.5.2. Data Loss Prevention

9.5.3. Malware Detection and Analysis

9.5.4. Intrusion Prevention

9.6. SIEM

9.7. Predictive Behavioral Analysis

9.8. Conclusion

10. Chapter 10: Security Incidents

10.1. Defining a Security Incident

10.1.1. Security Event Versus Incident

10.2. Developing Supporting Processes

10.2.1. Security Incident Detection and Determination

10.2.1.1. Physical Security Incidents

10.2.1.2. Network Based Security Incidents

10.3. Getting Enterprise Support

10.4. Building the Incident Response Team

10.5. Taking Action

10.5.1. In-house Incident Response

10.5.2. Contracted Incident Response

11. Chapter 11: Selling Security to the C-Suite

11.1. Enterprise Accounting Overview

11.2. Presenting the Case for Security

11.3. Strategies for Securing the Enterprise

12. Security As a Service

12.1. Penetration Testing

12.2. Identity and Access Administration

12.3. Security Event Management

12.4. Security Incident Response