cisco certification guide overview and career paths

cisco certification guide overview and career paths.156 Chapter 3 Security PrinciplesWhen performing the task of security incident response and forensics, it is important to know how to collect evidence and what constitutes a complete chain of evidence. This chapter will briefly introduce the chain of evidence as it relates to cybersecurity investigations. The reader will learn detailed information related to reverse engineering, forensics, and sliding window anomaly detection. This chapter will introduce the reader to personally identifiable information (PHI) and protected health information (PHI), and will focus on issues related to the Payment Card Industry Data Security Standard (PCI DSS) and the Health Insurance Portability and Accountability Act (HIPAA). The chapter will focus on concepts related to different regulatory standards such as the Payment Card Industry Data Security Standard (PCI DSS) and the Health Insurance Portability and Accountability Act (HIPAA).This chapter will also instill in the reader the concept of the principle of least privilege and provide the reader with an understanding of why risk scoring and risk weighting should be done in the area of risk assessment and risk reduction. This chapter will briefly describe the methods of risk assessment and risk reduction.3.2 Rationale for a defense-in-depth strategyWhether the reader is a cybersecurity expert or new to cybersecurity, they should all realize that it is becausenetwork is insecure, it is necessary to deploy firewalls, intrusion prevention systems (IPS), or install antivirus software on the computer and turn on advanced malware protection. A layered, cross-border "defense-in-depth" strategy is required to secure the network and unit assets. The main benefit of implementing a defense-in-depth strategy is that even if a single control system (e.g., firewall or IPS) fails, there are other control systems that can still secure the network environment and assets. Figure3.1 illustrates this concept. Each layer of the defense-in-depth shown in Figure 3-1 (starting from the top) is listed below. Non-technical actions, such as having reasonable security regulations and proper training for end users and employees.appropriate training. Physical security, including installing surveillance cameras, implementing physical access controls (e.g., installing card readers, retina scanners, and fingerprint scanners), and installing access control systems. Network security best practices, such as enabling routing protocol authentication, enabling control plane supervision (CoPP), and hardening network devices.