WOLF//SEC
← Dashboard
DOMAIN 3.0 18% of exam

Security Architecture

Designing secure systems. Four objectives covering architecture models (cloud IaaS/PaaS/SaaS, on-prem, hybrid, edge, containers, serverless, ICS/SCADA), infrastructure hardening (device placement, firewalls, IDS/IPS, 802.1X, VPN, SD-WAN, SASE), data protection strategies (classification, encryption at rest/transit/use, tokenization, DLP, rights management, data lifecycle), and resilience/recovery planning (HA, RAID, backup strategies, recovery sites, RTO/RPO).

Objective 3.2 (“Given a scenario, apply security principles to secure enterprise infrastructure”) is the PBQ target — device placement in security zones, firewall rule configuration, 802.1X authentication, IDS/IPS deployment decisions. Understanding how interception works offensively makes your defensive architecture decisions sharper.

OBJECTIVES

3.1 Compare and contrast security implications of different architecture models
compare
3.2 Apply security principles to secure enterprise infrastructure
PBQ
3.3 Compare and contrast concepts and strategies to protect data
compare
3.4 Explain the importance of resilience and recovery in security architecture
explain