Defense strategy (computing)

Examples of this strategy include using gateways, routers, firewalls, and password checks, deleting suspicious emails/messages, and limiting physical access.

Information system monitoring employs security measures to find intruders or the damage done by them.

Examples of this strategy include antivirus software, applying a patch, and network behavior anomaly detection.

This strategy is based on the assumption that the system has been penetrated, but an intruder cannot prevent the defensive mechanism from being employed.

Examples of this strategy include rebooting, using physical unclonable functions, and using a security switch.

Examples of this strategy include using an access level, a Trusted Platform Module, a microkernel, a diode (unidirectional network device), and air gaps.

Moving target is a security strategy based on frequent changes of data and processes.

Examples of this strategy include regularly changing passwords or cryptographic keys and using a dynamic platform.

This strategy is generally not practical because of the difficulties involved in exchanging one-time pads without the risk of being compromised.

Deletion is a strategy that uses security measures to prevent, at all costs, an intruder from gaining sensitive information.

Examples of this strategy include information deletion as a response to a security violation (such as unauthorized access attempts) and password resets.

The strategy is based on the assumption that finding and repairing the damage is more complicated than the restoration of the system.

Active defense is a strategy of performing security measures that attack potential intruders.

Examples of this strategy include creating and using lists of trusted networks, devices, and applications, blocking untrusted addresses, and vendor management.

This strategy can be fully successful, but in most cases, there is a trade-off of full system functionality for security.

Any implementation needs to be supported by the secure enclave strategy in order to prevent neutralizing action by unauthorized access to the protection mechanism.