Explain the intent or meaning of the phrase “defense in depth”, especially noting what the three key elements of defense in depth are and providing an example of a failure in each domain.
Define defense in depth:
Domain 1:
Domain 2:
Domain 3:
Failure in Domain 1:
Failure in Domain 2:
Failure in Domain 3:
Describe the four common methods for cracking hashed passwords as discussed in the presentation on the topic.
–
–
–
–
Defense in depth is a strategy using multiple security measures to protect the integrity of information. This way of thinking is used to cover all angles of business security - intentionally being redundant when necessary. If one line of defense is compromised, additional layers of defense are in place to ensure that threats don’t slip through the cracks. This method addresses the security vulnerabilities that inevitably exist in technology, personnel, and operations within a network.
Today’s cyberthreats are evolving and growing rapidly. Defense in depth is a solid, comprehensive approach that combines advanced security tools to protect critical data and block threats before they reach endpoints. Endpoint protection, including antivirus and firewalls, is still an instrumental element of complete security; however, a defense in depth strategy is seeing significant adoption because these methods of network security alone are no longer enough.
The concept of defense in depth takes cybersecurity a step further by acknowledging the macro controls needed for ultimate protection including physical, technical, and administrative aspects of the network.
These three controls build the architecture of a defense in depth strategy:
Physical Controls are the security measures that protect IT systems from physical harm. Examples of physical controls include security guards and locked doors.
Technical Controls are the protection methods that secure network systems. Hardware, software, and network-level protection are all included within a company’s specific technical controls. Cybersecurity efforts, including layered security, live in this category.
Administrative Controls are the policies and procedures put in place by an organization, directed at its employees. Training employees to label sensitive information as “confidential” or to keep private files in the proper folders are examples of administrative controls.
Layered security architecture:
The top ten password-cracking techniques used by hackers:
1. Dictionary attack
The dictionary attack uses a simple file containing words that can be found in a dictionary, hence its rather straightforward name. In other words, this attack uses exactly the kind of words that many people use as their password.
2. Brute force attack
Similar to the dictionary attack, the brute force attack comes with an added bonus for the hacker. Instead of simply using words, a brute force attack lets them detect non-dictionary words by working through all possible alpha-numeric combinations from aaa1 to zzz10.
3. Rainbow Table Attack
Rainbow tables aren’t as colorful as their name may imply but, for a hacker, your password could well be at the end of one. In the most straightforward way possible, you can boil a rainbow table down into a list of pre-computed hashes – the values produced when passwords are hashed. This table contains hashes of all possible password combinations for any given hashing algorithm. Rainbow tables are attractive because they reduce the time needed to crack a password hash to simply looking something up in a list.
4. Phishing
There’s an easy way to hack: ask the user for his or her password. A phishing email leads the unsuspecting reader to a fake login page for whatever service the hacker wants to access, requesting the user to put right some terrible problem with their security. That page then skims their password and the hacker can go and use it for their own purposes.
5. Social engineering
Social engineering takes the whole “ask the user” concept outside of the inbox that phishing tends to stick with and into the real world.
6. Malware
Malware can install a keylogger or screen scraper, which records everything you type or takes screenshots during the login process and then forwards a copy of that file to the attacker.
7. Offline cracking
It’s easy to imagine that passwords are safe when the systems they protect lock out users after three or four wrong guesses, blocking automated guessing applications. Well, that would be true if it were not for the fact that most password hacking takes place offline, using a set of hashes in a password file that has been ‘obtained’ from a compromised system.
8. Shoulder surfing
The most confident of hackers will take the guise of a parcel courier, aircon service technician, or anything else that gets them access to an office building.
9. Spidering
Savvy hackers have realized that many corporate passwords are made up of words that are connected to the business itself. Studying corporate literature, website sales material, and even the websites of competitors and listed customers can provide the ammunition to build a custom word list to use in a brute force attack.
10. Guess
The password crackers’ best friend, of course, is the predictability of the user. Unless a truly random password has been created using software dedicated to the task, a user-generated ‘random’ password is unlikely to be anything of the sort.
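To make the rainbow-table and offline-cracking points above concrete from the defender’s side, here is an added example (not part of the original answer) that contrasts a tiny precomputed table of unsalted SHA-256 digests with per-user salted, iterated PBKDF2 storage. The wordlist, the table and the user records are all constructed for the demonstration; the function names are my own.

```python
import hashlib
import hmac
import os
from typing import Optional

# Constructed sample wordlist and a tiny stand-in for a "rainbow table":
# precomputed unsalted SHA-256 digests keyed back to the word that made them.
WORDLIST = ["password", "letmein", "sunshine", "dragon", "qwerty"]
PRECOMPUTED = {hashlib.sha256(w.encode()).hexdigest(): w for w in WORDLIST}


def unsalted_hash(password: str) -> str:
    """How a weak system stores a password: one fast, unsalted digest."""
    return hashlib.sha256(password.encode()).hexdigest()


def lookup_unsalted(stored_hash: str) -> Optional[str]:
    """Recover a password from an unsalted digest by table lookup.
    Returns the word or None; the cost is a single dictionary access,
    which is exactly why unsalted fast hashes are weak against precomputation."""
    return PRECOMPUTED.get(stored_hash)


def store_salted(password: str, iterations: int = 200_000,
                 salt: Optional[bytes] = None) -> dict:
    """Defender side: a random per-user salt plus a slow PBKDF2-HMAC digest.
    The salt makes any precomputed table useless (each user needs their own
    table) and the iteration count makes every offline guess expensive."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return {"salt": salt.hex(), "iterations": iterations, "hash": digest.hex()}


def verify_salted(password: str, record: dict) -> bool:
    """Recompute the digest with the stored salt and compare in constant time."""
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                 bytes.fromhex(record["salt"]), record["iterations"])
    return hmac.compare_digest(digest.hex(), record["hash"])


def table_hits_salted(record: dict) -> bool:
    """Check whether the precomputed table matches a salted record at all."""
    return record["hash"] in PRECOMPUTED
```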
Concept: Failure Domain
With a high-level view of a layered application stack with dependencies running from top to bottom:
In order to be independent, failure domains must not share resources, even (or especially) ‘generic’ ones like network or power. Since network and power are common sources of faults, fault boundaries often align to physical structural elements such as buildings, rooms, racks, and power supplies.
When there is a problem with that shared resource, every user will experience it, because there is no way for the larger system to contain the failure to a portion of the system. The network backplane is shared by 100% of hosts, so 100% of application instances will be affected.
You could redeploy your system across these three datacenters, ensuring data is available in at least two DCs:
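As an added example (not from the original answer), the failure-domain reasoning above can be checked mechanically: label each host with the shared resources it depends on, then ask whether any single domain failure would take down every replica. The topology, host names and function names below are constructed for the demonstration.

```python
# Constructed topology: each host is labelled with the failure domains it
# depends on (datacenter, rack, power feed). Losing a domain takes down
# every host that lists it, which is what "shared resource" means here.
HOSTS = {
    "h1": {"dc": "dc1", "rack": "r1", "power": "pA"},
    "h2": {"dc": "dc1", "rack": "r2", "power": "pA"},  # shares dc and power with h1
    "h3": {"dc": "dc2", "rack": "r3", "power": "pB"},
    "h4": {"dc": "dc3", "rack": "r4", "power": "pC"},
}


def hosts_affected(hosts: dict, kind: str, name: str) -> set:
    """Hosts that go down when one failure domain (e.g. dc 'dc1') fails."""
    return {h for h, deps in hosts.items() if deps.get(kind) == name}


def surviving_replicas(placement, hosts: dict, kind: str, name: str) -> set:
    """Replica hosts still up after the given domain fails."""
    return set(placement) - hosts_affected(hosts, kind, name)


def all_domains(hosts: dict) -> set:
    """Every (kind, name) failure domain that appears in the topology."""
    return {(kind, name) for deps in hosts.values() for kind, name in deps.items()}


def single_failure_tolerant(placement, hosts: dict, min_survivors: int = 1):
    """True if every single-domain failure leaves at least min_survivors copies.
    Returns (ok, sorted list of (kind, name) domains that would violate it)."""
    bad = [dom for dom in sorted(all_domains(hosts))
           if len(surviving_replicas(placement, hosts, *dom)) < min_survivors]
    return (not bad, bad)
```

Placing both replicas in dc1 fails the check twice (the datacenter and the shared power feed), while spreading them across dc1, dc2 and dc3 passes.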