Security Architecture and Design: The Big Picture

Course Overview
Hey, everyone. My name is Christopher Rees and welcome to my course, Security Architecture and Design: The Big Picture. I'm a former law enforcement officer and detective who specialized in computer crimes and I've been in enterprise ops for 20+ years, leading teams of various sizes from medium-sized companies to Fortune 500 enterprises. I've been creating training since 2000 and I've had the privilege of instructing over 150, 000 students around the world. Practically every day we hear of some company that's had their networks breached and confidential data stolen. This often equates to user data, credentials, credit card information, email addresses, and so forth. These breaches are incredibly damaging to a company's reputation, user and investor confidence, and ultimately to their bottom line. So in this course we're going to cover the essentials of what you'll need to understand when it comes to properly planning, implementing, troubleshooting, and maintaining a company's information security posture. I want to make sure you have a good understanding of all these areas that you'll need to assess when fortifying a company's defenses. Some of the major topics that we'll cover will include installing and configuring network components. We'll talk about implementing secure protocols and some use cases associated with those protocols. We'll also talk about secure network architecture and discuss segmentation, isolation, virtualization, and also where to place various security devices within the network as well as software-defined networking or SDN. We'll also cover troubleshooting common security issues, implementing secure systems design, secure application development and deployment, and lastly, physical security controls. So by the end of this course you have a good understanding of the major components that make up a secure network and the essentials of what it takes to ensure a company's confidential information is protected. Before beginning this course you should be familiar with general computing and networking fundamentals. Once you finish here you should feel comfortable diving into more advanced security training with courses on Security+ or Advanced Security Practitioner, Big Picture courses like malware analysis or similar topics and web security and related topics. So I hope you will join me on this journey to learn how to protect a company's data, intellectual property and reputation with Security Architecture and Design: The Big Picture course here at Pluralsight.

Implementing Secure Protocols
Hey, welcome back to Pluralsight. I'm your instructor, Christopher Rees, and in this module we're going to be covering Implementing Secure Protocols. So let's go ahead and start off, before we even get into the meat of the module, let's talk about why should we even care. Well, secure protocols ensure communication is safe from hackers and also from prying eyes. So if we think about it, all the communication that we do all day long, email, instant messages, connecting to servers, other laptops, different services, applications and so forth, all of that communication both within our network and also leaving our network and coming into the network, all of those things should be secure whenever possible so that we avoid what? We avoid prying eyes, hackers, and ultimately data breaches. So as I'm sure you understand, it's critical to securing your company's data, intellectual property, competitive advantage, and so forth. So if we have a data breach it can have a very significant impact as I mentioned before, to a company's bottom line. It can obviously impact revenue, but it can also impact reputation, it can impact brand, brand awareness, consumer confidence, investor confidence, and if in fact that intellectual property or some distinct competitive advantage is leaked or stolen from the network, right? Some type of breach occurs and that information is exfiltrated or removed from the network and given to a competitor, it can have an impact great enough to actually put a company out of business. So it's critically important that we understand where security can be tightened up, what protocols exist, and where secure protocol or secure alternatives exist to make sure that we're locking these things down as much as possible. So let's go ahead and get started.

Secure Application Development and Deployment
Hey, everyone. Welcome back to Pluralsight. I'm your instructor, Christopher Rees, and in this module we're going to be covering Secure Application Development and Deployment. So in this module we have a few things I want to cover. Some important information that I definitely want you to incorporate into your overall mindset. So we're going to talk about development life-cycle models. We'll talk about secure DevOps. We'll talk about version control and change management and the importance of that; provisioning and deprovisioning, secure coding techniques, and then also code quality and testing, and compiled versus runtime code. Now each of these has some sub topics, again very important so let's go ahead and get started. Okay, so the main takeaways for this module are three main things. I want you to understand the need and the importance of managing change to ensure security. We really can't just do things willy-nilly. We can't do things without a plan. As I talked about before, when you fail to plan, you plan to fail. So everything has to be managed properly and has to be managed in a secure fashion. Alright? Change management is very important. Next, always develop secure code. I know a lot of the tenants of DevOps is a very a quick iteration, a quick feedback loop and get things out and coded and tested and into production very quickly and that may seem at odds with security which likes to take their time and do things a little more slowly, fully test, regression test and so forth, but the two can coexist, but you have to have security in mind from the outset. Alright? So always develop secure code and then lastly, think and test like an attacker. Right? We want to have that hacker mindset. Always look at your environment, your code, your applications and so forth. Right? The various pieces of your infrastructure and always think like an attacker. How would they try to get in? What ways and methods would they use? Where are the weak links in the chain? So if we take that mindset and not have security as an afterthought, we stand a much better chance of securing the environment, both internally and externally.

Physical Security Controls
Hey, everyone. Welcome back to Pluralsight. I'm your instructor, Christopher Rees and in this module we're going to be covering Physical Security Controls. So a lot of information to cover in this module. So we'll talk about lighting, signs, fencing, security guards and alarms, safes and secure cabinets and enclosures. We'll also talk about protected distribution and protected cabling. Also the concept of an airgap network, mantraps, faraday cages, lock types and biometrics. We'll also talk about barricades and bollards, tokens and cards, and then various environmental controls including HVAC, hot and cold aisles and fire suppression along with cable locks, screen filters, cameras, motion detection, logs, infrared detection, and key management. So that's a mouthful for sure. A lot of important information, however, for a number of reasons. Alright, so there are a few goals in this module. Number one, to understand the importance of maintaining physical security. Alright, now as we know, security is everyone's responsibility and also to understand that breaches can come from many sources. So a lot of times physical security gets overlooked, but the reality is physical security is where things start. Breaches can occur just as easily from the outside as they can the inside and in fact, a large number of breaches actually start internally. So by understanding the true importance of maintaining physical security, my goal here is to make sure that everyone has that in the back of their mind so if you see something, you say something, and also just making sure that physical security controls are in place and maintained; if a light bulb is out, if a door is cracked open, if a fence isn't working, things along these lines. If you see something, make sure you fix it. Don't assume it's somebody else's job; security is everyone's responsibility. So let's go ahead and get started.