expand for answer
Defense-In-Depth
A layered approach to security. Multiple layers of security are implemented, requiring attackers to circumvent several security controls to be successful.
Similar items:
An activity used to test the strength and effectiveness of deployed security measures with an authorized attempted intrusion attack. Penetration testing should be performed only with the consent and knowledge of the management staff. Security testing in which evaluators attempt to circumvent the security features of a system based on their understanding of the system design and implementation. Security testing in which the evaluators attempt to circumvent the security features of a system based on their understanding of the system design and implementation. The evaluators may be assumed to use all system design and implementation documentation, which may include listings of system source code, manuals, and circuit diagrams. The evaluators work under no constraints other than those applied to ordinary users or implementers of untrusted portions of the component.
[view]
[view]
A combination of security services, software and hardware, infrastructures, and processes that are implemented to achieve a required level of protection. These mechanisms are additive in nature, with the minimum protection being provided by the network and infrastructure layers.
[view]
[view]
The process of adding a header and footer to a PDU as it travels down the OSI model layers. The technique used by layered protocols in which a layer adds header information to the protocol data unit (PDI) from the layer above.
[view]
[view]
Security controls (i. e. , safeguards or countermeasures) for an information system that are primarily implemented and executed by the information system through mechanisms contained in the hardware, software, or firmware components of the system. (NIST Special Pub 80053. )The security controls (i. e. , safeguards or countermeasures) for an information system that are primarily implemented and executed by the information system through mechanisms contained in the hardware, software, or firmware components of the system.
[view]
[view]
A characteristic of a service, security control, or access mechanism that is unseen by users. Transparency is often a desirable feature for security controls. The characteristic of a service, security control, or access mechanism that ensures that it is unseen by users. Transparency is often a desirable feature for security controls. The more transparent a security mechanism is, the less likely a user will be able to circumvent it or even be aware that it exists.
[view]
[view]
There are no comments yet.