Defense-In-Depth (D-I-D)

This is a fundamental security principle of providing multiple levels of protection so that your system is still protected in the event of a vulnerability. Multi-level, comprehensive security. When calling external code, there are more vulnerabilities less prevention and even less ‘fixes’, after-the-fact. Application Domains can be used  to start assemblies with limited privileges, to create a custom environment, while still remaining secure, safe and protected. Information Assurance for information security research and application is now coming of age. Security functions and subsystems work together to enable these dynamics (configuration, optimization, healing and protection). In an age of inter-networking and inter-operability, flexibility and options are the name of the game. 

There are two categories of thought and application here, dynamic defence techniques (like D-I-D, intrusion detection) and static security measures (access rights, firewalls). Multilayered defences are the answer, pro-active protection, rather than reactive, or just protective measures. Operating, managing and integrating computer systems, networks, programming and more grows in complexity and exponentially.  In pursuit of improved security, the .NET Framework environment is geared towards comprehensive approaches to information and electronic security.

Key Exam Points

1. Access, possibilities, applications, strengths, weaknesses, use, management and maintenance, of Defense-in-Depth, for C# and VB, .NET Frameworks environments and programming tasks.

2. Review relevant chapters on and references to Application, Domain and Services, Configuration and Security.

3. For the exam, study practical, hands-on examples, exercises and lab-work type applications,  for defense in depth, that help you to gain a better understanding overall of this topic and related components, implications and code, procedures and protocols.
4. Take the practice test, Q&A Multiple choice, application type sample questions, exam.

Related Terms

This article is based on the 2nd edition of the Microsoft .Net Framework Application Training Kit with the purpose to help 70-536 Exam takers to succeed. I constantly look for ways to improve the content.   Please leave a comment about this article or drop me a message if you would like to see changes for this site.