What is defense in depth?: Essay Example, 646 words GradesFixer
exit-popup-close

Haven't found the right essay?

Get an expert to write your essay!

exit-popup-print

Professional writers and researchers

exit-popup-quotes

Sources and citation are provided

exit-popup-clock

3 hour delivery

exit-popup-persone
close
This essay has been submitted by a student. This is not an example of the work written by professional essay writers.

What is defense in depth?

Print Download now

Pssst… we can write an original essay just for you.

Any subject. Any type of essay.

We’ll even meet a 3-hour deadline.

Get your price

121 writers online

blank-ico
Download PDF

Defense in depth is the coordinated use of multiple security countermeasures to protect the integrity of the information assets in an enterprise. The strategy is based on the military principle that it is more difficult for an enemy to defeat a complex and multi-layered defense system than to penetrate a single barrier. Defense in depth minimizes the probability that the efforts of malicious hackers will succeed. A well-designed strategy of this kind can also help system administrators and security personnel identify people who attempt to compromise a computer, server, proprietary network or ISP (Internet service provider).

If a hacker gains access to a system, defense in depth minimizes the adverse impact and gives administrators and engineers time to deploy new or updated countermeasures to prevent recurrence. Components of defense in depth include antivirus software, firewalls, anti-spyware programs, hierarchical passwords, intrusion detection and biometric verification. In addition to electronic countermeasures, physical protection of business sites along with comprehensive and ongoing personnel training enhances the security of vital data against compromise, theft or destruction. Implementation:

  1. Network Controls
  2. Monitoring network traffic is the first line of defense. Firewalls can help with this, but for a more comprehensive security solution an intrusion prevention system (IPS) should also be used.

  3. Antivirus Software
  4. Using antivirus software is critical, but it’s not an all-inclusive solution. It often relies heavily on signature-based detection that can be exploited by an intelligent attacker. Some antivirus programs also use heuristics that look for suspicious activity. For example, if a document tried to download an executable when opened, the antivirus program would halt the download and quarantine the file.

  5. Check File Reputation
  6. The reputation of a file deals with its frequency of use and the source. Every file has a checksum, a mathematical representation of the file, that can be used to check against known viruses and block matches. It can also be used to find how often a file shows up. If the incoming file is completely unique, it’s marked as suspicious, as it should be in circulation somewhere else. It is also important to check the reputation of the file’s origin. Check the IP address of either the sender or origin site and decide whether it’s a trustworthy source.

  7. Analyze Behavior
  8. Network and file behaviors provide insight into whether a breach is in progress or has already occurred. By the time behavioral analysis comes into play, prevention has already failed and the new aim is detection. Initially this requires an organization to create a baseline for “normal” behavior. Algorithms can then use this baseline to detect anomalies such as high-bandwidth traffic or extremely long connections.

  9. Fix the Leak
  10. Once an attack is detected, it’s crucial to shut it down quickly. In addition to deleting malicious files the initial entry point of the attack needs to be identified and repaired. Example Of Defense In Depth

    Assume an organization utilizes a defense in depth strategy. This company uses a firewall, a basic antivirus program, and behavioral analysis. An attacker creates a phishing attack and sends out a convincing email with a company schedule attached in the form of a PDF. The email makes it past the firewall and ends up in the inbox of an unsuspecting employee. When the employee opens the PDF it starts to download a malicious executable file. Fortunately, the behavioral analysis tool notices the anomaly and sends up an alert concerning the file. Although the attack was successfully detected, there are three things the organization could improve to stop the attack from occurring in the first place. First, the company could utilize an IPS to provide an extra layer of network security. Second, they could upgrade their antivirus software to one that employs heuristics. This way the file could be automatically dealt with instead of merely sending an alert. Third, and most important, the company could offer employee security training so that phishing attacks never succeed, even if they make it past all of the filters.

Remember: This is just a sample from a fellow student.

Your time is important. Let us write you an essay from scratch

100% plagiarism free

Sources and citations are provided

Cite this Essay

To export a reference to this article please select a referencing style below:

GradesFixer. (2019, January, 15) What is defense in depth? Retrived July 20, 2019, from https://gradesfixer.com/free-essay-examples/what-is-defense-in-depth/
"What is defense in depth?" GradesFixer, 15 Jan. 2019, https://gradesfixer.com/free-essay-examples/what-is-defense-in-depth/. Accessed 20 July 2019.
GradesFixer. 2019. What is defense in depth?, viewed 20 July 2019, <https://gradesfixer.com/free-essay-examples/what-is-defense-in-depth/>
GradesFixer. What is defense in depth? [Internet]. January 2019. [Accessed July 20, 2019]. Available from: https://gradesfixer.com/free-essay-examples/what-is-defense-in-depth/
close

Sorry, copying is not allowed on our website. If you’d like this or any other sample, we’ll happily email it to you.

By clicking “Send”, you agree to our Terms of service and Privacy statement. We will occasionally send you account related emails.

close

Thanks!

Your essay sample has been sent.

Want us to write one just for you? We can custom edit this essay into an original, 100% plagiarism free essay.

thanks-icon Order now
boy

Hi there!

Are you interested in getting a customized paper?

Check it out!
Having trouble finding the perfect essay? We’ve got you covered. Hire a writer

GradesFixer.com uses cookies. By continuing we’ll assume you board with our cookie policy.