Security+ Domain 3.0: Architecture and Design: Chapter 11

  1. Security+ Certification
  2. Security+: Definitions and Catchwords
  3. Security+ Domain 1.0: Threats, Attacks and Vulnerabilities
  4. Security+ Domain 2.0: Technologies and Tools, Chapter 6
  5. Security+ Domain 2.0: Technologies and Tools, Chapter 7
  6. Security+ Domain 2.0: Technologies and Tools, Chapter 8
  7. Security+ Domain 2.0: Technologies and Tools, Chapter 9
  8. Security+ Domain 2.0: Technologies and Tools, Chapter 10
  9. Security+ Domain 3.0: Architecture and Design: Chapter 11
  10. Security+ Domain 3.0: Secure Systems Design and Deployment: Chapter 12
  11. Security+ Domain 3.0: Secure Systems Design and Deployment: Chapter 12 cont’d
  12. Security+ Domain 3.0: Architecture and Design: Chapter 13: Embedded Systems
  13. Security+ Domain 3.0: Architecture and Design: Chapter 14: Application Development
  14. Security+ Domain 3.0: Architecture and Design: Chapter 15: Cloud and Virtualization
  15. Security+ Domain 3.0: Architecture and Design: Chapter 16: Resiliency and Automation
  16. Security+ Domain 3.0: Architecture and Design: Chapter 17: Physical Security
  17. Security+ Domain 4.0: Identity and Access Management: Chapter 18
  18. Security+ Domain 4.0: Identity and Access Management: Chapter 19
  19. Security+ Domain 4.0: Identity and Access Management: Chapter 20
  20. Security+ Domain 5.0: Risk Management: Chapter 21
  21. Security+ Domain 5.0: Risk Management: Chapter 22
  22. Security+ : Sample Questions
  23. Security+ Domain 5.0: Risk Management: Chapter 23
  24. bastion.inf
  25. Security+ Domain 5.0: Risk Management: Chapter 24
  26. Security+ Domain 5.0: Risk Management: Chapter 25
  27. Security+ Domain 5.0: Risk Management: Chapter 26
  28. Security+ Domain 5.0: Risk Management: Chapter 27
  29. Security+ Domain 5.0: Risk Management: Chapter 28
  30. Security+ Domain 5.0: Risk Management: Chapter 29
  31. Security+: My Favorite Free Tools

Chapter 11: Architecture Frameworks and Secure Network Architectures

Industry-Standard Frameworks and Reference Architectures

Regulatory

NERC CIP – https://www.nerc.com/pa/Stand/Pages/CIPStandards.aspx

Non-regulatory

NIST CSF – https://www.nist.gov/cyberframework

          • Framework Core
          • Implementation Tiers
          • Framework Profiles

National vs International

FedRAMP – https://www.fedramp.gov/

US-EU Safe Harbor Framework (old) – https://www.ftc.gov/tips-advice/business-center/privacy-and-security/u.s.-eu-safe-harbor-framework

EU-US Privacy Shield Framework (new) – https://www.privacyshield.gov/EU-US-Framework

GDPR – https://gdpr-info.eu/

Industry-specific

HITRUST CSF – https://hitrustalliance.net/hitrust-csf/

Benchmarks / Secure Configuration Guides

CIS

NVD

STIGs

Platform / Vendor-Specific Guides

General Purpose Guides

CIS Controls

Defense in Depth / Layered Security

Vendor diversity

Control diversity

Administrative

Technical

User Training

Zones and Topologies

DMZ

Extranet

Intranet

Wifi

Guest

Honeynets

NAT

        • Static
        • Dynamic
        • PAT

Ad Hoc

Segregation / Segmentation / Isolation

RSTP

Flat / depthless networks

Enclaves

Physical

Logical (VLANs)

Trunking

Virtualization

Air Gaps

Tunneling / VPN

Site-to-Site

Remote Access

Security Device Placement

Sensors

Collectors

Correlation Engines

Filters

Proxies

Firewalls

VPN Concentrators

SSL Accelerators

Load Balancers

DDoS Mitigators

Aggregation Switches

Taps and Port Mirrors