1. Home
  2. Training Library
  3. Keys & models of protection [CISMP]

Models of protection

Contents

keyboard_tab

The course is part of this learning path

Models of protection 

What else do organisations rely on to protect their assets and information?

Now, you’ll look at what controls your organisation can implement at the network, application, and data levels.

If an organisation wants to protect data being exchanged between two users over an open network, then there are three approaches, or models, that can be used:

  1. First, the organisation can implement network level protection, such as a Virtual Private Network or VPN. As the name implies, this is a way of creating a private network across an untrusted network such as the internet. VPNs can be used for a number of reasons, such as:
    • To securely connect isolated local area networks (LANs) across the internet.
    • To allow mobile users remote access to corporate network using the internet.
    • To control access within an intranet environment.
  2. The organisation can implement application-level protection, such as Web Service Security or S/MIME to provide end-to-end security at a user level by encryption applications at client workstations and server hosts.
  3. The organisation can implement controls at the data level, such as WinZip, for directly encrypting the data being exchanged via their email service.

Typically, organisations implement one of these models of protection. If an organisation has implemented a VPN between different sites, they won’t generally implement secure email. However, depending on their risk appetite, some organisations that handle more sensitive information could implement several layers of controls.

To illustrate, an organisation might have a VPN for inter-site communications, but when two users wish to exchange sensitive information, they’re advised to use WinZip to further protect the information at the data level.

Difficulty
Beginner
Duration
13m
Students
61
Ratings
5/5
starstarstarstarstar
Description

This course describes how keys are generated, distributed, and managed for the purpose of encoding or decoding cryptographic data. Later, you’ll explore other methods of protection aside from cryptography, to give you a more well-rounded view of asset protection.

About the Author
Students
29741
Labs
125
Courses
1419
Learning Paths
37

A world-leading tech and digital skills organization, we help many of the world’s leading companies to build their tech and digital capabilities via our range of world-class training courses, reskilling bootcamps, work-based learning programs, and apprenticeships. We also create bespoke solutions, blending elements to meet specific client needs.