Principles

-(Stored)

 * D.O.L.L.S
 * D - Diversity
   * Different password types, different authentication, software (OS: Windows Server), Apache Tomcat, IDS, honeypots
 * O - Obscurity
   * Hide your info: OS, apps, internal addresses (NAT, PAT), include in database
 * L - Limiting
   * Limit access: access control, RBAC/IBAC, privileges (root, read, write, mod, del), places
 * L - Layering
   * Multiple obstacles: networking (firewall - gateway - public-facing server (web server)), segmentation, VLAN (red zone, yellow zone, green zone)
 * S - Simplicity
   * Usability (biometrics, finger scanner, management tools)

Risk vs. Benefit (Is the risk taken worth the benefits?)