Description
Understand CSIRT process and be able to coordinate and respond to CERT.
Understand and be able to apply Zero Trust to an environment.
Explanation & Answer
Find attached work. Please let me know if everything is ok. I will be happy to help with more assignments in the future. Thank you. Goodbye for now.
Objectives
Identify Your Sensitive Data
Map the Data Flows of Your Sensitive Data
Architect Your Network
Create Your Automated Rule Base
Continuously Monitor the Ecosystem
Agenda
3 Tier Architecture
History of Zero Trust
Definition of Zero Trust and key terms
Current events related to Zero Trust
Challenges I’ve experienced with Zero Trust
My suggestions to successfully embrace Zero Trust
Introduction
Zero Trust, Zero Trust Network, and Zero Trust Architecture refer to a security concept and threat model that no longer assumes that actors, systems or services operating from within the security perimeter should be automatically trusted, and instead requires verifying anything and everything trying to connect to its systems before granting access. The term was coined by a security analyst at Forrester Research.
Architecture
3-Tier Architecture
[Diagram: 3-tier architecture. Labels: Web Tier, App Tier, Database Tier, Corporate Network, 3rd Party Partner, Internal Users, Active Directory. Data shown: PCI, HIPAA, PII, PHI, FISM, Company Competitive Data.]
Challenges
Limited visibility once traffic is Trusted
Lack of enforcement options in Trusted zones
Typically relied on layer-4 enforcement
Application designs increasingly diverge from 3-tier topology
Cloud offerings move critical data to offsite locations making perimeter protections useless
BYOD increases risk of introducing threats inside Trusted zones
External connections are difficult to control once given access to any internal Trusted resource
Breaches since 2010…
Your smartphone or mobile device of choice is increasingly going to become your ID and secure access to resources across the enterprises you work for.
Passwords have proven to be ineffective in thwarting the most common source of breaches, which is privileged credential abuse.
Enterprise executives interviewed for two completely different studies reached the same conclusion: IT infrastructure will be much safer once passwords are gone.
While 95% of enterprise executives say they have multi-factor authentication (MFA) implemented, a little more than half of their users are using it.
Senior security executives say they doubt the security benefits (36%), expense (33%), and the decision that users don’t access sensitive information (45%), making MFA pointless.
86% of senior security executives would dump password use as an authentication method if they could.
In fact, nearly half of those surveyed cited eliminating passwords as a way to cut almost half of all breach attempts.
Perceived security shortcomings are a key reason why almost three-quarters of these security leaders say they’re actively looking for replacements for passwords for authentication.
62% of the senior security execs reported extreme user irritation with password lockouts.
The percentage of respondents who reported extreme user frustration at password lockouts rose to 67% at companies with more than 5,000 employees.
Zero Trust Fundamentals
All resources are accessed in a secure manner regardless of location.
Access control is on a “need-to-know” basis and is strictly enforced.
Verify and never trust.
Inspect and log all traffic.
The network is designed from the inside out.
Zero Trust Terminology
Segmentation Gateway (SG) – High speed security device providing Firewall, IPS, WAF, NAC, VPN and Encryption services
Microcore and Perimeter (MCAP) – Physically segmented by SG interface zone that shares similar functionality and global policy attributes
Data Acquisition Network (DAN) – Facilitates the extraction of network data (typically packets, syslog, or SNMP messages) to a central inspection point
MGMT Server – Backplane that acts as a jump host in separate MCAP for management of devices
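The fundamentals and terms above, as an added Python example that is not part of the original slides: a segmentation gateway's rule base evaluated as default-deny per flow between MCAPs, matching on verified identity and layer-7 application rather than port, with every decision logged as it would be sent to the DAN. The MCAP names, users, groups and rules are constructed for illustration.

```python
from typing import NamedTuple

class Flow(NamedTuple):
    user: str       # authenticated identity ("" if none was presented)
    src_mcap: str   # MCAP the connection comes from
    dst_mcap: str   # MCAP holding the resource
    app: str        # layer-7 application identified by the SG
    port: int       # logged, but never sufficient to allow a flow

class Rule(NamedTuple):
    group: str      # identity group with a need to know
    src_mcap: str
    dst_mcap: str
    app: str

# Constructed sample data (assumptions, not from the slides).
GROUPS = {"alice": {"billing"}, "bob": {"helpdesk"}}
RULES = [
    Rule("billing", "app", "cardholder-db", "postgres"),
    Rule("helpdesk", "users", "web", "https"),
]
dan_log = []  # stands in for the DAN's central inspection point

def decide(flow, rules=RULES, groups=GROUPS):
    """Return 'allow' or 'deny' for one flow; log the decision either way."""
    verdict, reason = "deny", "no matching rule (default deny)"
    if not flow.user:
        reason = "no verified identity"
    else:
        for i, r in enumerate(rules):
            if (r.group in groups.get(flow.user, set())
                    and r[1:] == (flow.src_mcap, flow.dst_mcap, flow.app)):
                verdict, reason = "allow", f"rule {i}"
                break
    dan_log.append((flow, verdict, reason))  # inspect and log all traffic
    return verdict

if __name__ == "__main__":
    for f in [
        Flow("alice", "app", "cardholder-db", "postgres", 5432),  # need to know
        Flow("alice", "app", "cardholder-db", "ssh", 5432),   # same port, other app
        Flow("bob", "app", "cardholder-db", "postgres", 5432),  # inside, no need to know
        Flow("", "users", "web", "https", 443),               # unauthenticated
    ]:
        print(decide(f), f)
```

The second flow uses the same port as the first and is still denied, which is the gap a layer-4 rule base leaves open.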
Segmentation Gateway (SG)
• Next Generation Firewall
• Spec’d to handle very high throughput
• Virtual offering to suppor...