1. Securing the Network

網路資安包含 multi-layered 策略，無仝款的技術保護網路免受各種網路威脅。
關鍵的原件包括：firewall、access control lists(ACLs)、intrusion detection systems(IDSs)

1.1 Securing the Servers

1.2 Securing the Hosts

2. Architecture and Infrastructure Concepts

2.1 Cloud Computing 雲端運算

是一个 flexible 佮 scalable 的科技，予人會用得提取佮囥資料 application 踮網際網路懸頂。

四款 cloud model:

• Public Cloud
• Private Cloud
• Community Cloud
• Hybrid Cloud

Cloud 嘛提供一寡以前是囥佇本地端(on-premises)的服務:

• Infrastructure as a Service(IaaS)
• Software as a Service(SaaS)
• Platform as a Service(PaaS)
• Security as a Service(SECaaS)
• Anything as a Service(XaaS)

2.2 Responsibility Matrix

佇雲端責任是服務提供者佮顧客共同負擔。

2.3 Hybrid Considerations

Hybrid cloud 的資安主提包括：data management、latency challenges、佮 third-party 廠商的 issues、佮供應鏈攻擊有關的風險。

3. Infrastructure as Code(IaC)

使用 IaC 的好處：

• Efficiency Redefined
• Consistency and Reproduibility
• Version Control and Collaboration
• Providers and Tools

4. Serverless

4.1 Microservices

Microservices 的好處：

• Agility
• Scalability
• Faster Development
• Easy Maintenance
• Improved Fault Tolerance
• Decomposition
• Independence

5. Network Infrastructure

5.1 Physical Isolation

5.2 Logical Segmentation

5.3 Software-Defined Networking(SDN)

5.4 On-Premises

5.5 Centralized versus Decentralized

5.6 Containerization

5.7 Virtualization

5.8 Internet of Things(IoT)

5.9 Industrial Control Systems(ICS)/Supervisory Control and Data Acquisition(SCADA)

5.10 Real-Time Operating Systems

5.11 Embedded Systems

5.12 High Availability

6. Consideration for Your Infrastructure