| Lab/Room | TryHackMe - Cyberdefense |
|---|---|
| Type | Classroom |
| Statut | Done |
| Date | 05/03/2026 |
Explore defensive security, cyber infrastructure, and how to protect systems from attacks.
Defensive Security focuses on understanding what needs to be protected and implementing security measures to prevent, detect, and mitigate the impact of potential attacks. Defenders work to gain visibility into systems, identify weak points, and ensure that systems remain available and protected, aligning with the goals of confidentiality, integrity, and availability (the CIA triad).
Before implementing any security controls, defenders must first gain a clear understanding of the environment they are responsible for protecting. Security cannot exist without visibility. If defenders do not know which systems exist, how they communicate, and which users interact with them, they cannot effectively detect or prevent attacks.
An effective way to conceptualize this is by imagining the organization's infrastructure as a city surrounded by protective walls. In this analogy, security defenders play the role of city guards. Just like guards must understand the city's layout, monitor activity, and respond to suspicious behavior, defenders must understand the structure and behavior of their digital environment.
Without this situational awareness, defenders operate blindly. A guard who does not know where the gates, buildings, or streets are located cannot protect the city. Similarly, a security professional must know the organization’s systems, networks, and users before attempting to defend them.
The city analogy helps illustrate several core defensive questions that security teams must answer when protecting an environment.
One of the first questions defenders must ask is what they are protecting. In a city, this includes homes, buildings, and people. In a corporate environment, the equivalent assets are: