Group Activity
Divide participants into groups and have them design a
defense in depth strategy for a hypothetical
organization. Provide them with information about the
organization's assets, threats, and vulnerabilities. Each
group should design a strategy that includes multiple
layers of defense, such as firewalls, intrusion detection
systems, access control, and data backups. After the
groups have presented their strategies, lead a
discussion about the strengths and weaknesses of
each approach.
Case Study
Provide participants with a case study of a real-world
IT security breach that resulted from a failure in
separation of duty. Have them analyze the case study
to identify which tasks and responsibilities should have
been separated to prevent the breach. Then, have
them design a separation of duty policy that could
have prevented the breach from occurring. After the
groups have presented their policy, lead a discussion
about how it could be implemented in a real-world IT
environment and how it could be enforced.
7 Making compromise difficult
What to do with external input
Reducing the attack surface
Confidence in crucial security controls
Least Privilege
Protecting management and operations environments from targeted attacks
Tried and tested approaches
Authorization and Monitoring
Design for easy maintenance
8 Making Disruption Difficult
System resiliency
Scalability
Bottlenecks and DOS conditions
Dependence of third parties
9 Detecting Compromise
security events and logs
communication flows between components
malware command and control communications
Independent Monitoring
Mask Security Logic
Understand 'normal' and detect the abnormal
10 Reduce the impact of compromise
zoned or segmented network
unnecessary functionality
management bypass
recovering following a compromise
separation of duties
Anonymise data