|Network Security Architecture Design and Security Model|
The CISSP exam covers 10 domains, one of which is network security architecture design and security models. This domain pertains to security models involving operating systems and network architectures. Those taking the CISSP exam will need to know about security for various platform architectures, layered networking models, application attacks such as buffer overflows and DDoS, and operating system principles.
Use these resources and expert advice, which are a part of our CISSP Study Guide, to ensure your knowledge of security architecture and design, then test your knowledge with our network security architecture and design quiz, written by CISSP All-in-one Exam Guide author Shon Harris. Visit our library of study guides to see the other domains.
CISSP Essentials training: Domain 4, Security Models and Architecture
In this SearchSecurity.com CISSP Essentials Security School lesson on Domain 4, Security Models and Architecture, noted CISSP certification exam trainer Shon Harris explores the framework and structures that make up typical computer systems.
In this video presentation from CISSP Essentials, learn about the evolution of security models and evaluation methods, which have historically struggled to keep pace with changing technology needs.
CISSP spotlight article: Domain 4, Security Models and Architecture
In this SearchSecurity.com CISSP Essentials Security School lesson spotlight article, expert Shon Harris investigates the framework and structures that make up typical computer systems and sketches the evolution of security models and evaluation methods.
Cloud computing security model overview: Network infrastructure issues
Cloud computing has gained popularity in a weakened economy as enterprises seek ways to save money, but as is often the case with emerging technologies, it presents certain risks that could open an organization to security vulnerabilities and threats.
In this primer on cloud computing security, learn about the basics of data security in the cloud, how to secure network infrastructure and devices that interact with cloud-based services and the threats and attacks that pose a risk to enterprises.
How to align an information security framework to your business model
In years past, the use of guidelines from the IT Governance Institute, the National Institute for Standards in Technology (NIST) and ISACA's COBIT were used as a basis for developing an information security framework. While these guidelines are still critical to the success of a security program, they don't easily translate into an accepted business model that will drive an organization's strategic plan.
CISOs should consider blending traditional business models with information security frameworks, and not rely solely on regulations to drive security programs. In this tip, contributor Ravila Helen White explains how to do just that.
Defining authentication system security weaknesses to combat hackers
It's extremely common for hackers to try to brute-force their way into a system by guessing commonly used user IDs and passwords. Considering, it's worth putting your authentication system security practices under a magnifying glass to uncover any authentication weaknesses.
In this tip, which focuses on hardening network access and authentication system security to combat hacker attacks, learn how to define authentication system security flaws and address weaknesses.
Windows 7 security guide: Best practices on security for Windows 7
This Windows 7 learning guide reviews the new and improved security features of the updated operating system, including Windows AppLocker and Bitlocker.
In this series, learn more about Windows 7 system security and how to use the operating systems features to protect against Windows 7 attacks, as well as how to prevent attacks against applications that run on Windows 7.
Web application attacks security guide: Preventing attacks and flaws
Web applications attacks can cost organizations time and money and lead to expensive and embarrassing data security breaches, making thorough defense strategies and defense mechanisms imperative for every organization.
This Web application attacks learning guide explains how Web application attacks occur, identifies Web application attack types, such as buffer overflows and DDoS attacks, and highlights Web application security tools and tactics to protect against them.
Return to the CISSP Study Guide.
About the author
Shon Harris, CISSP, MCSE, is the president of Logical Security, an IT security consulting and training company. She is a former engineer in the Air Force's Information Warfare unit, an instructor and the best-selling author of the previous three editions of this book. Shon has taught computer and information security to a wide range of clients, including RSA, the Department of Defense, the Department of Energy, the National Security Agency and many more.