Defenses Against Multi-tier Attacks

The tricky aspect to defending against multi-tier attacks is that you will neither be defending a single component nor be defending against a single attack method. In the sections that follow, you will quickly notice that defending against multi-tier attacks requires implementing defensive controls that may also reside at multiple points within the network and implementation footprint. Because of the varied methods that an attacker can employ, there is no single defense that can be deployed. “Defense in Depth” is especially relevant and applicable to this situation.

The three layers described below do not necessarily present anything new; however, this one-attack approach is actually a collection of methods that aggregates many defensive positions. For example, an attacker may attempt to exploit a known buffer overflow vulnerability in the operating system to gain control of a particular server and then attempt a brute force password attack against a Web application hosted on the server to compromise a user account or launch an SQL injection attack against an instance of SQL Server to gain access to data. From there, the attacker could plant documents in a folder that are infected with some form of malware. The layers present broad, yet effective, ways for you to safeguard the confidentiality, integrity, and availability of your SharePoint installation.