Exploring Fundamentals of Security

In addition to knowing the main goals of security (the AIC security triad), you also need to understand some basic terms and concepts. The following sections in this chapter cover these concepts and some of the terminology.

Defense in Depth

One of the primary tenets of security is that you’re never done. You can’t just write a security policy, install antivirus software, or enable firewalls and say, “There. We’re safe and secure now.” Instead, IT security uses the principle of defense in depth.

Consider Figure 1-4. It shows network resources protected through several layers of security. Chapter 9 covers security controls in greater depth, but in short, a security control attempts to reduce risk by either reducing ...
