An Architectural View

Once we look at different types of vulnerabilities, attacks, and threats, we find they exist at different layers within a network. This digs into more of the technology of an environment and the complexity of each of these technologies at each layer. This applies to the various protocols, applications, hardware, and security mechanisms that work at one or more of the seven layers of the OSI model. (The OSI model is fully described in Chapter 7.) IP spoofing is an attack at the network layer, ARP attacks happen at the data link layer, traffic sniffing occurs at several layers, and viruses enter through the application layer. If an organization just employs strict password rules and a firewall, this leaves many layers vulnerable ...

Get CISSP Certification All-in-One Exam Guide, Fourth Edition, 4th Edition now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.