WEBVTT

1
00:00:00.000 --> 00:00:01.740
In this section of the course,

2
00:00:01.740 --> 00:00:05.220
we are going to discuss Secure Architecture Design.

3
00:00:05.220 --> 00:00:08.280
The Secure Architecture Design section of the course

4
00:00:08.280 --> 00:00:11.790
focuses on Domain 2: Security Architecture,

5
00:00:11.790 --> 00:00:14.580
specifically objective 2.3,

6
00:00:14.580 --> 00:00:16.620
which states that given a scenario,

7
00:00:16.620 --> 00:00:18.900
you must be able to integrate controls

8
00:00:18.900 --> 00:00:21.390
in the design of secure architecture.

9
00:00:21.390 --> 00:00:23.370
Designing a secure architecture

10
00:00:23.370 --> 00:00:25.380
includes safeguarding sensitive data

11
00:00:25.380 --> 00:00:26.670
throughout its lifecycle

12
00:00:26.670 --> 00:00:28.920
and ensuring that security controls

13
00:00:28.920 --> 00:00:30.450
are tailored to the needs

14
00:00:30.450 --> 00:00:33.630
of both internal and external environments.

15
00:00:33.630 --> 00:00:36.240
Additionally, effective architectures

16
00:00:36.240 --> 00:00:39.720
account for the complexities of diverse infrastructures

17
00:00:39.720 --> 00:00:43.710
while continuously assessing and mitigating potential risks

18
00:00:43.710 --> 00:00:46.290
to reduce exposure to threats.

19
00:00:46.290 --> 00:00:48.000
As we go through this section,

20
00:00:48.000 --> 00:00:49.470
we will cover many topics

21
00:00:49.470 --> 00:00:51.870
related to Secure Architecture Design,

22
00:00:51.870 --> 00:00:53.940
including Data States,

23
00:00:53.940 --> 00:00:57.210
Data Classification, Data Labeling and Tagging,

24
00:00:57.210 --> 00:01:00.330
Data Loss Prevention, Hybrid Infrastructures,

25
00:01:00.330 --> 00:01:03.690
Third-party Integrations, Attack Surface Management,

26
00:01:03.690 --> 00:01:05.850
and Control Effectiveness.

27
00:01:05.850 --> 00:01:08.430
First, we will look at Data States.

28
00:01:08.430 --> 00:01:10.800
Data states are the different conditions

29
00:01:10.800 --> 00:01:12.390
in which data exists.

30
00:01:12.390 --> 00:01:15.300
Specifically, data can be at rest,

31
00:01:15.300 --> 00:01:17.790
in transit, or in use.

32
00:01:17.790 --> 00:01:21.450
Each data state requires distinct methods of protection.

33
00:01:21.450 --> 00:01:23.700
For example, data at rest,

34
00:01:23.700 --> 00:01:27.090
that is, data being stored on a hard drive or in a database,

35
00:01:27.090 --> 00:01:30.420
is protected through encryption and access control.

36
00:01:30.420 --> 00:01:32.460
Whereas data in transit,

37
00:01:32.460 --> 00:01:35.430
that is, data which is actively moving between systems

38
00:01:35.430 --> 00:01:36.510
through a network,

39
00:01:36.510 --> 00:01:38.730
is protected with encryption protocols,

40
00:01:38.730 --> 00:01:42.540
such as Transport Layer Security or TLS.

41
00:01:42.540 --> 00:01:44.460
Finally, data in use,

42
00:01:44.460 --> 00:01:46.920
which is data that is actively being processed

43
00:01:46.920 --> 00:01:48.750
by an application or system,

44
00:01:48.750 --> 00:01:51.810
is protected with secure processing environments.

45
00:01:51.810 --> 00:01:54.930
Next, we will explore Data Classification.

46
00:01:54.930 --> 00:01:57.150
Data classification is the process

47
00:01:57.150 --> 00:01:59.640
of organizing data into categories

48
00:01:59.640 --> 00:02:02.220
based on its sensitivity, value,

49
00:02:02.220 --> 00:02:05.490
or in response to regulatory requirements.

50
00:02:05.490 --> 00:02:07.020
The data's classification

51
00:02:07.020 --> 00:02:09.330
determines the level of security controls

52
00:02:09.330 --> 00:02:12.630
and handling procedures that will be applied to it.

53
00:02:12.630 --> 00:02:14.400
Data classification models

54
00:02:14.400 --> 00:02:18.180
are frameworks or methodologies used to categorize data

55
00:02:18.180 --> 00:02:21.540
into levels or types based on sensitivity.

56
00:02:21.540 --> 00:02:25.170
Classification models use categories such as public,

57
00:02:25.170 --> 00:02:28.230
internal, confidential, and restricted.

58
00:02:28.230 --> 00:02:31.290
Each level dictates the security measures required

59
00:02:31.290 --> 00:02:32.640
to protect the data.

60
00:02:32.640 --> 00:02:36.180
For example, a healthcare organization's patient records

61
00:02:36.180 --> 00:02:38.790
might be classified as "Restricted."

62
00:02:38.790 --> 00:02:41.610
The "Restricted" classification makes it clear

63
00:02:41.610 --> 00:02:43.620
that the data requires encryption

64
00:02:43.620 --> 00:02:45.660
and strict access controls

65
00:02:45.660 --> 00:02:48.630
to comply with the Health Insurance Portability

66
00:02:48.630 --> 00:02:51.000
and Accountability Act or HIPAA.

67
00:02:51.000 --> 00:02:53.430
Conversely, the healthcare organization's

68
00:02:53.430 --> 00:02:55.170
internal training documents

69
00:02:55.170 --> 00:02:58.530
may only be classified as "Internal Use Only."

70
00:02:58.530 --> 00:03:00.660
This classification indicates

71
00:03:00.660 --> 00:03:02.790
the level of protection is lower,

72
00:03:02.790 --> 00:03:04.980
and more people within the organization

73
00:03:04.980 --> 00:03:06.810
can have access to it.

74
00:03:06.810 --> 00:03:10.500
After that, we'll look at Data Labeling and Tagging.

75
00:03:10.500 --> 00:03:13.500
Data labeling and tagging involves assigning markers

76
00:03:13.500 --> 00:03:17.670
to the data to indicate its classification, sensitivity,

77
00:03:17.670 --> 00:03:19.440
or handling requirements.

78
00:03:19.440 --> 00:03:20.520
Labeling and tagging

79
00:03:20.520 --> 00:03:23.790
ensures proper data management and protection.

80
00:03:23.790 --> 00:03:26.280
Data labels include classifications,

81
00:03:26.280 --> 00:03:28.230
such as "confidential" or "public,"

82
00:03:28.230 --> 00:03:31.260
which direct how the data should be handled and protected.

83
00:03:31.260 --> 00:03:33.390
Data tagging adds metadata,

84
00:03:33.390 --> 00:03:34.710
such as project names

85
00:03:34.710 --> 00:03:37.260
and department associations to the data,

86
00:03:37.260 --> 00:03:41.040
which enables automated processes like data loss prevention.

87
00:03:41.040 --> 00:03:43.710
For example, a company might label a document

88
00:03:43.710 --> 00:03:46.770
as "Confidential," and tag it with "Finance"

89
00:03:46.770 --> 00:03:50.490
and "Sarbanes-Oxley (or SOX) Compliance."

90
00:03:50.490 --> 00:03:53.160
This ensures that only authorized

91
00:03:53.160 --> 00:03:56.100
finance department employees can access it,

92
00:03:56.100 --> 00:03:58.830
and it identifies the data as governed

93
00:03:58.830 --> 00:04:03.480
by the Sarbanes-Oxley Act (or SOX) regulatory requirements.

94
00:04:03.480 --> 00:04:06.570
Next, we will explore Data Loss Prevention.

95
00:04:06.570 --> 00:04:09.600
Data loss prevention is used to detect, prevent,

96
00:04:09.600 --> 00:04:13.560
and respond to unauthorized access, transmission,

97
00:04:13.560 --> 00:04:15.480
or use of sensitive data.

98
00:04:15.480 --> 00:04:18.780
Data loss prevention concepts include data discovery,

99
00:04:18.780 --> 00:04:21.360
managing data at rest and in transit,

100
00:04:21.360 --> 00:04:23.010
and policy enforcement.

101
00:04:23.010 --> 00:04:23.843
Let's take a moment

102
00:04:23.843 --> 00:04:26.310
to describe each of these in more detail.

103
00:04:26.310 --> 00:04:29.010
Data discovery is the process of identifying

104
00:04:29.010 --> 00:04:30.810
and locating sensitive data

105
00:04:30.810 --> 00:04:33.030
within an organization's infrastructure.

106
00:04:33.030 --> 00:04:35.700
Whether the data is at rest and stored in databases

107
00:04:35.700 --> 00:04:37.020
and file systems,

108
00:04:37.020 --> 00:04:38.880
or the data is in transit

109
00:04:38.880 --> 00:04:41.130
and actively moving across the network,

110
00:04:41.130 --> 00:04:44.640
it is important to know where the data is at any given time.

111
00:04:44.640 --> 00:04:47.250
Once the data is identified, data loss prevention policies

112
00:04:47.250 --> 00:04:48.510
can be enforced.

113
00:04:48.510 --> 00:04:50.460
Data loss prevention policies

114
00:04:50.460 --> 00:04:53.640
include actions such as alerting administrators,

115
00:04:53.640 --> 00:04:55.830
blocking unauthorized transfer,

116
00:04:55.830 --> 00:04:57.870
and quarantining sensitive files

117
00:04:57.870 --> 00:04:59.760
that someone has attempted to move.

118
00:04:59.760 --> 00:05:02.460
It also includes applying tombstone markers

119
00:05:02.460 --> 00:05:05.130
to announce policy violations to the user.

120
00:05:05.130 --> 00:05:08.280
In all cases, the process of data loss prevention

121
00:05:08.280 --> 00:05:10.980
begins with data classification,

122
00:05:10.980 --> 00:05:13.620
data labeling, and data tagging.

123
00:05:13.620 --> 00:05:16.740
Following that, we will look at Hybrid Infrastructures.

124
00:05:16.740 --> 00:05:19.500
Hybrid infrastructures refer to environments

125
00:05:19.500 --> 00:05:23.880
that combine on-premises systems with cloud-based resources.

126
00:05:23.880 --> 00:05:25.470
This type of infrastructure

127
00:05:25.470 --> 00:05:27.780
requires integrated security measures

128
00:05:27.780 --> 00:05:31.980
across both on-premises systems and cloud-based resources.

129
00:05:31.980 --> 00:05:35.160
This means extending traditional security controls

130
00:05:35.160 --> 00:05:37.410
like firewalls, encryption,

131
00:05:37.410 --> 00:05:38.640
and access management

132
00:05:38.640 --> 00:05:41.400
from the local data center to the cloud.

133
00:05:41.400 --> 00:05:42.900
In hybrid infrastructures,

134
00:05:42.900 --> 00:05:44.730
security challenges may arise

135
00:05:44.730 --> 00:05:47.850
from differences in infrastructure management and control.

136
00:05:47.850 --> 00:05:49.620
It may require policies and tools

137
00:05:49.620 --> 00:05:52.110
that can enforce security consistently

138
00:05:52.110 --> 00:05:54.390
across multiple environments.

139
00:05:54.390 --> 00:05:57.810
For example, a company might store sensitive data

140
00:05:57.810 --> 00:06:00.600
on-premises for regulatory purposes

141
00:06:00.600 --> 00:06:03.180
while using cloud-based applications

142
00:06:03.180 --> 00:06:05.160
for data and client processing.

143
00:06:05.160 --> 00:06:06.180
This infrastructure

144
00:06:06.180 --> 00:06:08.640
would require secure communication channels

145
00:06:08.640 --> 00:06:10.710
and coordinated security policies

146
00:06:10.710 --> 00:06:12.720
to ensure data remains protected,

147
00:06:12.720 --> 00:06:15.840
regardless of where it is stored or processed.

148
00:06:15.840 --> 00:06:19.410
Then, we will explore Third-party Integrations.

149
00:06:19.410 --> 00:06:20.550
Third-party integrations

150
00:06:20.550 --> 00:06:23.160
involve securely connecting external services

151
00:06:23.160 --> 00:06:26.850
or applications to an organization's internal systems,

152
00:06:26.850 --> 00:06:31.470
often by using Application Programming Interfaces or APIs.

153
00:06:31.470 --> 00:06:34.170
Application Programming Interface communication

154
00:06:34.170 --> 00:06:37.397
involves data encryption to protect sensitive information

155
00:06:37.397 --> 00:06:39.750
during transmission and storage.

156
00:06:39.750 --> 00:06:42.270
Additionally, data protection measures

157
00:06:42.270 --> 00:06:44.040
and monitoring must be extended

158
00:06:44.040 --> 00:06:46.410
to include third-party services.

159
00:06:46.410 --> 00:06:49.050
This ensures that security controls,

160
00:06:49.050 --> 00:06:51.390
such as access management and encryption,

161
00:06:51.390 --> 00:06:53.310
are effectively applied.

162
00:06:53.310 --> 00:06:55.440
Finally, monitoring and logging

163
00:06:55.440 --> 00:06:58.830
are used to track interactions with third-party systems,

164
00:06:58.830 --> 00:07:00.240
detect anomalies,

165
00:07:00.240 --> 00:07:03.030
and ensure compliance with security policies.

166
00:07:03.030 --> 00:07:05.280
For example, an organization

167
00:07:05.280 --> 00:07:08.340
might integrate a third-party payment processor

168
00:07:08.340 --> 00:07:10.890
via an application programming interface,

169
00:07:10.890 --> 00:07:13.590
which will require encrypted data transmission,

170
00:07:13.590 --> 00:07:15.030
strict access controls,

171
00:07:15.030 --> 00:07:17.220
and real-time monitoring

172
00:07:17.220 --> 00:07:20.310
to ensure that financial transactions are secure

173
00:07:20.310 --> 00:07:22.290
and comply with regulations.

174
00:07:22.290 --> 00:07:25.440
After that, we will look at Attack Surface Management.

175
00:07:25.440 --> 00:07:29.460
Attack surface management involves identifying, reducing,

176
00:07:29.460 --> 00:07:31.080
and continuously monitoring

177
00:07:31.080 --> 00:07:35.460
all potential paths of attack into a system's architecture.

178
00:07:35.460 --> 00:07:38.460
This minimizes exposure to security threats.

179
00:07:38.460 --> 00:07:40.650
Let's quickly discuss a few concepts

180
00:07:40.650 --> 00:07:43.710
that relate directly to attack surface management.

181
00:07:43.710 --> 00:07:45.840
First, we have hardening.

182
00:07:45.840 --> 00:07:48.150
Hardening is the process of securing systems

183
00:07:48.150 --> 00:07:50.040
by reducing their attack surface,

184
00:07:50.040 --> 00:07:53.280
in part, by disabling unnecessary services

185
00:07:53.280 --> 00:07:56.070
and applying up-to-date security patches.

186
00:07:56.070 --> 00:08:00.450
Next, defense-in-depth implements multiple security controls

187
00:08:00.450 --> 00:08:03.570
such as firewalls, intrusion detection systems,

188
00:08:03.570 --> 00:08:05.100
and access controls,

189
00:08:05.100 --> 00:08:08.430
to provide redundant protections against attack.

190
00:08:08.430 --> 00:08:11.550
Then, vulnerability management can be used

191
00:08:11.550 --> 00:08:14.100
to regularly scan and address network

192
00:08:14.100 --> 00:08:16.170
and asset security weaknesses,

193
00:08:16.170 --> 00:08:18.960
including those in legacy components

194
00:08:18.960 --> 00:08:21.390
that may no longer receive updates,

195
00:08:21.390 --> 00:08:22.950
but are still a critical part

196
00:08:22.950 --> 00:08:25.140
of the enterprise infrastructure.

197
00:08:25.140 --> 00:08:28.470
Finally, we will explore Control Effectiveness.

198
00:08:28.470 --> 00:08:30.810
Control effectiveness refers to the degree

199
00:08:30.810 --> 00:08:33.840
to which security controls mitigate risks

200
00:08:33.840 --> 00:08:35.430
and protect assets.

201
00:08:35.430 --> 00:08:37.320
Control effectiveness concepts

202
00:08:37.320 --> 00:08:40.890
include metrics, scanning, and assessments.

203
00:08:40.890 --> 00:08:42.930
Metrics are quantitative measures

204
00:08:42.930 --> 00:08:45.150
used to evaluate the performance

205
00:08:45.150 --> 00:08:47.430
and impact of security controls.

206
00:08:47.430 --> 00:08:49.410
They provide insights into areas

207
00:08:49.410 --> 00:08:51.270
like incident response times

208
00:08:51.270 --> 00:08:54.360
or the number of vulnerabilities that have been mitigated.

209
00:08:54.360 --> 00:08:57.630
Scanning involves using tools to detect vulnerabilities

210
00:08:57.630 --> 00:09:00.180
or misconfigurations within the system.

211
00:09:00.180 --> 00:09:03.090
This allows the vulnerabilities to be prioritized

212
00:09:03.090 --> 00:09:04.410
for remediation.

213
00:09:04.410 --> 00:09:06.600
Assessments involve an evaluation

214
00:09:06.600 --> 00:09:09.780
of security controls through audits, penetration testing,

215
00:09:09.780 --> 00:09:11.310
or compliance checks,

216
00:09:11.310 --> 00:09:14.490
which ensure that controls are functioning as intended

217
00:09:14.490 --> 00:09:17.250
and identify any areas for improvement.

218
00:09:17.250 --> 00:09:19.800
To finish things off, we'll take a short quiz

219
00:09:19.800 --> 00:09:22.560
to see what you learned during this section of the course,

220
00:09:22.560 --> 00:09:25.800
and we will review each of those quiz questions fully

221
00:09:25.800 --> 00:09:28.830
to ensure you can explain why the right answers were right

222
00:09:28.830 --> 00:09:30.570
and the wrong answers were wrong.

223
00:09:30.570 --> 00:09:34.260
So, let's get ready to dive into Security Architecture

224
00:09:34.260 --> 00:09:36.921
in this section of the course!

