# Assignment: Designing Secure Architectures to Mitigate Historical Breaches

## Objective
In this assignment, you will analyze three major cybersecurity breaches—Equifax Data Breach (2017), SolarWinds Backdoor Attack (2020), and Capital One Data Breach (2019)—and design secure architectures to address their specific vulnerabilities. For each breach, you will:
1. Create an architecture diagram using Python's `diagrams` module for a system in an environment of your choice (On-premises, AWS, or Azure).
2. Develop three security architectures: **Defense in Depth (DiD)**, **Zero Trust**, and **Adaptive Security**, adapting your initial diagram for each.
3. Explain your design decisions in a table format for each architecture.
4. Submit your work in this notebook, including code, diagrams, and explanations.

## Tools
- **Python Diagramming Library**: Use the `diagrams` module (`pip install diagrams`) to programmatically create architecture diagrams.
- **Environment**: Choose one of the following for your designs: On-premises, AWS, or Azure.
- **Submission**: This notebook with all code, generated diagrams (e.g., PNG files), and tables.

## Instructions
- **Setup**: Install the `diagrams` library with `!pip install diagrams` in a code cell.
- **Diagrams**: Create a base architecture diagram for each breach, then adapt it for DiD, Zero Trust, and Adaptive Security.
- **Documentation**: Use markdown cells to describe your designs and tables to explain controls.

## Breach Scenarios
### 1. Equifax Data Breach (2017)
- **Unpatched Apache Struts Vulnerability**: Unpatched for 2+ months, allowed code execution.
- **Lack of Network Segmentation**: Flat network enabled lateral movement to PII databases.
- **Expired IDS Certificates**: Disabled intrusion detection for 10+ months.
- **False Negatives in Scans**: Missed vulnerabilities due to misconfiguration.

### 2. SolarWinds Backdoor Attack (2020)
- **Supply-Chain Compromise**: Backdoor in signed Orion updates infected 18,000+ customers.
- **Anomalous Build Processes**: Compromised build environment injected malicious code.
- **Insufficient Build Safeguards**: No tampering detection in the pipeline.
- **Lack of Policy Enforcement**: No integrity checks for updates.

### 3. Capital One Data Breach (2019)
- **Cloud Misconfiguration (SSRF)**: Misconfigured WAF allowed metadata access.
- **Over-Privileged IAM Roles**: Excessive permissions exposed 100+ S3 buckets.
- **Inadequate Monitoring**: Failed to detect SSRF or data exfiltration.
- **Compliance Gaps**: Weak IAM and configuration governance.


---

### Rubric for Grading the Assignment

| **Category**                | **Excellent (90-100%)**                                                                                   | **Good (80-89%)**                                                                                     | **Satisfactory (70-79%)**                                                                             | **Needs Improvement (60-69%)**                                                                    | **Unsatisfactory (0-59%)**                                                                   |
|-----------------------------|-----------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------|
| **Base Architecture Analysis (15%)** | Provides a detailed, accurate description of the base architecture for each breach, clearly identifying all key components involved (e.g., web servers, databases). Diagrams are precise, visually clear, and fully aligned with the breach scenario. | Describes the base architecture accurately with most key components identified. Diagrams are clear and mostly aligned with the scenario, with minor inaccuracies or omissions. | Provides a basic description of the base architecture with some components identified. Diagrams are functional but lack clarity or contain noticeable inaccuracies related to the scenario. | Description is vague or incomplete, missing key components. Diagrams are poorly designed, unclear, or misrepresent the breach scenario significantly. | No description or diagram provided, or the work is unrelated to the breach scenarios.        |
| **Defense in Depth (DiD) Design (20%)** | Designs a comprehensive DiD architecture with 5 well-chosen, specific controls that directly address all breach vulnerabilities. Diagram is detailed, incorporating all controls effectively with clear connections. Table provides thorough, logical rationales tied to the breach. | Designs a solid DiD architecture with 5 relevant controls addressing most vulnerabilities. Diagram includes most controls with clear connections, though minor details may be missing. Table rationales are clear but may lack depth in some cases. | Designs a DiD architecture with 4-5 controls addressing some vulnerabilities. Diagram includes several controls but may lack full integration or clarity. Table rationales are present but basic or partially incomplete. | Designs a DiD architecture with fewer than 4 controls or controls that poorly address vulnerabilities. Diagram is incomplete or unclear. Table rationales are vague, missing, or disconnected from the breach. | No DiD design, controls, diagram, or table provided, or the work is irrelevant.              |
| **Zero Trust Design (20%)** | Designs a robust Zero Trust architecture with 5 specific, breach-relevant controls fully enforcing trust verification principles. Diagram is precise, showing verification at every step. Table offers deep, breach-specific rationales demonstrating strong understanding. | Designs a good Zero Trust architecture with 5 controls mostly aligned with trust principles and breach issues. Diagram shows verification effectively with minor gaps. Table rationales are clear, though some lack full specificity to the breach. | Designs a Zero Trust architecture with 4-5 controls somewhat aligned with trust principles. Diagram includes verification but may be incomplete or unclear. Table rationales are adequate but lack depth or full breach connection. | Designs a Zero Trust architecture with fewer than 4 controls or weak alignment to trust principles. Diagram lacks clarity or key verification elements. Table rationales are incomplete or unclear. | No Zero Trust design, controls, diagram, or table provided, or the work is irrelevant.       |
| **Adaptive Security Design (20%)** | Designs an innovative Adaptive Security architecture with 5 specific, dynamic controls addressing all breach vulnerabilities. Diagram integrates real-time adaptation (e.g., feedback loops) clearly. Table provides insightful, breach-specific rationales showing advanced reasoning. | Designs a strong Adaptive Security architecture with 5 controls addressing most vulnerabilities dynamically. Diagram includes adaptation elements with minor omissions. Table rationales are solid but may lack some depth or specificity. | Designs an Adaptive Security architecture with 4-5 controls addressing some vulnerabilities dynamically. Diagram shows adaptation but lacks full clarity or integration. Table rationales are present but basic or not fully tied to the breach. | Designs an Adaptive Security architecture with fewer than 4 controls or poor dynamic elements. Diagram is unclear or lacks adaptation features. Table rationales are vague or incomplete. | No Adaptive Security design, controls, diagram, or table provided, or the work is irrelevant.|
| **Technical Implementation (15%)** | Python code runs flawlessly, producing all 12 diagrams (base + 3 per breach) with correct syntax and environment-specific components. Diagrams are saved and displayed as PNGs with no errors. Environment choice is consistent and appropriate. | Code runs with minor errors (e.g., missing imports) but produces at least 10 diagrams correctly. Diagrams are mostly clear and use appropriate components. Environment choice is consistent with slight inconsistencies. | Code runs with some errors, producing 7-9 diagrams. Diagrams are functional but may lack polish or correct components. Environment choice is mostly consistent but may have minor mismatches. | Code has significant errors, producing fewer than 7 diagrams or failing to display them. Diagrams are unclear or use incorrect components. Environment choice is inconsistent or unclear. | Code does not run, produces no diagrams, or lacks environment-specific implementation.      |
| **Clarity and Documentation (10%)** | Explanations are concise, articulate, and directly tied to breach scenarios. Tables are fully completed with clear, logical rationales. Conclusion is insightful, summarizing effectiveness comprehensively. | Explanations are clear and mostly tied to breaches. Tables are completed with minor gaps in rationales. Conclusion summarizes effectiveness well but may lack depth. | Explanations are adequate but may lack detail or breach connection. Tables are partially completed with basic rationales. Conclusion is present but lacks full analysis. | Explanations are vague or incomplete. Tables are minimally completed or unclear. Conclusion is brief or missing key insights. | No explanations, incomplete tables, or no conclusion provided.                          |

---

### Total Points: 100%
- **Base Architecture Analysis**: 15 points
- **Defense in Depth Design**: 20 points
- **Zero Trust Design**: 20 points
- **Adaptive Security Design**: 20 points
- **Technical Implementation**: 15 points
- **Clarity and Documentation**: 10 points



In [None]:
# Setup: Install the diagrams library
!pip install diagrams

# Import necessary modules
from diagrams import Diagram, Cluster
# Add environment-specific imports based on your choice (e.g., from diagrams.aws.network import ELB)


# Equifax Data Breach (2017)
## Base Architecture
**Environment Chosen**: [Fill in: On-premises / AWS / Azure]


### Question 1: Describe the Base Architecture
Briefly describe the system that was compromised in the Equifax breach based on the scenario provided. What components (e.g., web servers, databases) were involved?


**Your Answer**: [Type your description here]


In [None]:
# Base Architecture Diagram for Equifax
with Diagram("Equifax Base Architecture", show=False, direction="TB", outformat="png", filename="equifax_base"):
    # Define your components here based on your description above
    pass  # Replace with actual diagram code

# Display the diagram
from IPython.display import Image
Image(filename="equifax_base.png")


## Defense in Depth (DiD) Architecture


### Question 2: Plan Your DiD Controls
How will you apply Defense in Depth to mitigate the Equifax breach issues? List 5 controls in the comments below.


In [None]:
# DiD Controls for Equifax
# Control 1: [e.g., Patch Management System] - Applies to [e.g., Web Servers] - Reason: [Mitigates unpatched Struts vulnerability]
# Control 2: [Your control here] - Applies to [Where] - Reason: [Why it helps]
# Control 3: [Your control here] - Applies to [Where] - Reason: [Why it helps]
# Control 4: [Your control here] - Applies to [Where] - Reason: [Why it helps]
# Control 5: [Your control here] - Applies to [Where] - Reason: [Why it helps]

# DiD Architecture Diagram for Equifax
with Diagram("Equifax DiD Architecture", show=False, direction="TB", outformat="png", filename="equifax_did"):
    # Modify the base diagram to include your DiD controls
    pass  # Replace with actual diagram code

# Display the diagram
Image(filename="equifax_did.png")


### DiD Controls Table
Fill in the table based on your controls above:

| **Control**                     | **Where It Applies**                              | **Reason (Rationale)**                                                                                  |
|---------------------------------|--------------------------------------------------|--------------------------------------------------------------------------------------------------------|
| [Control 1]                    | [Where]                                          | [Reason]                                                                                               |
| [Control 2]                    | [Where]                                          | [Reason]                                                                                               |
| [Control 3]                    | [Where]                                          | [Reason]                                                                                               |
| [Control 4]                    | [Where]                                          | [Reason]                                                                                               |
| [Control 5]                    | [Where]                                          | [Reason]                                                                                               |


## Zero Trust Architecture


### Question 3: Plan Your Zero Trust Controls
How will you apply Zero Trust to mitigate the Equifax breach issues? List 5 controls in the comments below.


In [None]:
# Zero Trust Controls for Equifax
# Control 1: [e.g., Multi-Factor Authentication] - Applies to [e.g., All Access Points] - Reason: [Ensures verification at every step]
# Control 2: [Your control here] - Applies to [Where] - Reason: [Why it helps]
# Control 3: [Your control here] - Applies to [Where] - Reason: [Why it helps]
# Control 4: [Your control here] - Applies to [Where] - Reason: [Why it helps]
# Control 5: [Your control here] - Applies to [Where] - Reason: [Why it helps]

# Zero Trust Architecture Diagram for Equifax
with Diagram("Equifax Zero Trust Architecture", show=False, direction="TB", outformat="png", filename="equifax_zt"):
    # Modify the base diagram to include your Zero Trust controls
    pass  # Replace with actual diagram code

# Display the diagram
Image(filename="equifax_zt.png")


### Zero Trust Controls Table
Fill in the table based on your controls above:

| **Control**                     | **Where It Applies**                              | **Reason (Rationale)**                                                                                  |
|---------------------------------|--------------------------------------------------|--------------------------------------------------------------------------------------------------------|
| [Control 1]                    | [Where]                                          | [Reason]                                                                                               |
| [Control 2]                    | [Where]                                          | [Reason]                                                                                               |
| [Control 3]                    | [Where]                                          | [Reason]                                                                                               |
| [Control 4]                    | [Where]                                          | [Reason]                                                                                               |
| [Control 5]                    | [Where]                                          | [Reason]                                                                                               |


## Adaptive Security Architecture


### Question 4: Plan Your Adaptive Security Controls
How will you apply Adaptive Security to mitigate the Equifax breach issues? List 5 controls in the comments below.


In [None]:
# Adaptive Security Controls for Equifax
# Control 1: [e.g., Real-Time Threat Detection] - Applies to [e.g., Network Traffic] - Reason: [Adapts to detect malicious activity]
# Control 2: [Your control here] - Applies to [Where] - Reason: [Why it helps]
# Control 3: [Your control here] - Applies to [Where] - Reason: [Why it helps]
# Control 4: [Your control here] - Applies to [Where] - Reason: [Why it helps]
# Control 5: [Your control here] - Applies to [Where] - Reason: [Why it helps]

# Adaptive Security Architecture Diagram for Equifax
with Diagram("Equifax Adaptive Security Architecture", show=False, direction="TB", outformat="png", filename="equifax_as"):
    # Modify the base diagram to include your Adaptive Security controls
    pass  # Replace with actual diagram code

# Display the diagram
Image(filename="equifax_as.png")


### Adaptive Security Controls Table
Fill in the table based on your controls above:

| **Control**                     | **Where It Applies**                              | **Reason (Rationale)**                                                                                  |
|---------------------------------|--------------------------------------------------|--------------------------------------------------------------------------------------------------------|
| [Control 1]                    | [Where]                                          | [Reason]                                                                                               |
| [Control 2]                    | [Where]                                          | [Reason]                                                                                               |
| [Control 3]                    | [Where]                                          | [Reason]                                                                                               |
| [Control 4]                    | [Where]                                          | [Reason]                                                                                               |
| [Control 5]                    | [Where]                                          | [Reason]                                                                                               |


# SolarWinds Backdoor Attack (2020)
## Base Architecture
**Environment Chosen**: [Fill in: On-premises / AWS / Azure]


### Question 5: Describe the Base Architecture
Briefly describe the system that was compromised in the SolarWinds breach based on the scenario provided. What components (e.g., build servers, update servers) were involved?


**Your Answer**: [Type your description here]


In [None]:
# Base Architecture Diagram for SolarWinds
with Diagram("SolarWinds Base Architecture", show=False, direction="TB", outformat="png", filename="solarwinds_base"):
    # Define your components here based on your description above
    pass  # Replace with actual diagram code

# Display the diagram
Image(filename="solarwinds_base.png")


## Defense in Depth (DiD) Architecture


### Question 6: Plan Your DiD Controls
How will you apply Defense in Depth to mitigate the SolarWinds breach issues? List 5 controls in the comments below.


In [None]:
# DiD Controls for SolarWinds
# Control 1: [e.g., Code Signing Verification] - Applies to [e.g., Build Pipeline] - Reason: [Prevents supply-chain compromise]
# Control 2: [Your control here] - Applies to [Where] - Reason: [Why it helps]
# Control 3: [Your control here] - Applies to [Where] - Reason: [Why it helps]
# Control 4: [Your control here] - Applies to [Where] - Reason: [Why it helps]
# Control 5: [Your control here] - Applies to [Where] - Reason: [Why it helps]

# DiD Architecture Diagram for SolarWinds
with Diagram("SolarWinds DiD Architecture", show=False, direction="TB", outformat="png", filename="solarwinds_did"):
    # Modify the base diagram to include your DiD controls
    pass  # Replace with actual diagram code

# Display the diagram
Image(filename="solarwinds_did.png")


### DiD Controls Table
Fill in the table based on your controls above:

| **Control**                     | **Where It Applies**                              | **Reason (Rationale)**                                                                                  |
|---------------------------------|--------------------------------------------------|--------------------------------------------------------------------------------------------------------|
| [Control 1]                    | [Where]                                          | [Reason]                                                                                               |
| [Control 2]                    | [Where]                                          | [Reason]                                                                                               |
| [Control 3]                    | [Where]                                          | [Reason]                                                                                               |
| [Control 4]                    | [Where]                                          | [Reason]                                                                                               |
| [Control 5]                    | [Where]                                          | [Reason]                                                                                               |


## Zero Trust Architecture


### Question 7: Plan Your Zero Trust Controls
How will you apply Zero Trust to mitigate the SolarWinds breach issues? List 5 controls in the comments below.


In [None]:
# Zero Trust Controls for SolarWinds
# Control 1: [e.g., Continuous Validation] - Applies to [e.g., Update Servers] - Reason: [Ensures trusted updates only]
# Control 2: [Your control here] - Applies to [Where] - Reason: [Why it helps]
# Control 3: [Your control here] - Applies to [Where] - Reason: [Why it helps]
# Control 4: [Your control here] - Applies to [Where] - Reason: [Why it helps]
# Control 5: [Your control here] - Applies to [Where] - Reason: [Why it helps]

# Zero Trust Architecture Diagram for SolarWinds
with Diagram("SolarWinds Zero Trust Architecture", show=False, direction="TB", outformat="png", filename="solarwinds_zt"):
    # Modify the base diagram to include your Zero Trust controls
    pass  # Replace with actual diagram code

# Display the diagram
Image(filename="solarwinds_zt.png")


### Zero Trust Controls Table
Fill in the table based on your controls above:

| **Control**                     | **Where It Applies**                              | **Reason (Rationale)**                                                                                  |
|---------------------------------|--------------------------------------------------|--------------------------------------------------------------------------------------------------------|
| [Control 1]                    | [Where]                                          | [Reason]                                                                                               |
| [Control 2]                    | [Where]                                          | [Reason]                                                                                               |
| [Control 3]                    | [Where]                                          | [Reason]                                                                                               |
| [Control 4]                    | [Where]                                          | [Reason]                                                                                               |
| [Control 5]                    | [Where]                                          | [Reason]                                                                                               |


## Adaptive Security Architecture


### Question 8: Plan Your Adaptive Security Controls
How will you apply Adaptive Security to mitigate the SolarWinds breach issues? List 5 controls in the comments below.


In [None]:
# Adaptive Security Controls for SolarWinds
# Control 1: [e.g., Anomaly Detection in Builds] - Applies to [e.g., Build Pipeline] - Reason: [Detects tampering dynamically]
# Control 2: [Your control here] - Applies to [Where] - Reason: [Why it helps]
# Control 3: [Your control here] - Applies to [Where] - Reason: [Why it helps]
# Control 4: [Your control here] - Applies to [Where] - Reason: [Why it helps]
# Control 5: [Your control here] - Applies to [Where] - Reason: [Why it helps]

# Adaptive Security Architecture Diagram for SolarWinds
with Diagram("SolarWinds Adaptive Security Architecture", show=False, direction="TB", outformat="png", filename="solarwinds_as"):
    # Modify the base diagram to include your Adaptive Security controls
    pass  # Replace with actual diagram code

# Display the diagram
Image(filename="solarwinds_as.png")


### Adaptive Security Controls Table
Fill in the table based on your controls above:

| **Control**                     | **Where It Applies**                              | **Reason (Rationale)**                                                                                  |
|---------------------------------|--------------------------------------------------|--------------------------------------------------------------------------------------------------------|
| [Control 1]                    | [Where]                                          | [Reason]                                                                                               |
| [Control 2]                    | [Where]                                          | [Reason]                                                                                               |
| [Control 3]                    | [Where]                                          | [Reason]                                                                                               |
| [Control 4]                    | [Where]                                          | [Reason]                                                                                               |
| [Control 5]                    | [Where]                                          | [Reason]                                                                                               |


# Capital One Data Breach (2019)
## Base Architecture
**Environment Chosen**: [Fill in: On-premises / AWS / Azure]


### Question 9: Describe the Base Architecture
Briefly describe the system that was compromised in the Capital One breach based on the scenario provided. What components (e.g., WAF, S3 buckets) were involved?


**Your Answer**: [Type your description here]


In [None]:
# Base Architecture Diagram for Capital One
with Diagram("Capital One Base Architecture", show=False, direction="TB", outformat="png", filename="capitalone_base"):
    # Define your components here based on your description above
    pass  # Replace with actual diagram code

# Display the diagram
Image(filename="capitalone_base.png")


## Defense in Depth (DiD) Architecture


### Question 10: Plan Your DiD Controls
How will you apply Defense in Depth to mitigate the Capital One breach issues? List 5 controls in the comments below.


In [None]:
# DiD Controls for Capital One
# Control 1: [e.g., WAF Rule Validation] - Applies to [e.g., Web Application Firewall] - Reason: [Prevents SSRF attacks]
# Control 2: [Your control here] - Applies to [Where] - Reason: [Why it helps]
# Control 3: [Your control here] - Applies to [Where] - Reason: [Why it helps]
# Control 4: [Your control here] - Applies to [Where] - Reason: [Why it helps]
# Control 5: [Your control here] - Applies to [Where] - Reason: [Why it helps]

# DiD Architecture Diagram for Capital One
with Diagram("Capital One DiD Architecture", show=False, direction="TB", outformat="png", filename="capitalone_did"):
    # Modify the base diagram to include your DiD controls
    pass  # Replace with actual diagram code

# Display the diagram
Image(filename="capitalone_did.png")


### DiD Controls Table
Fill in the table based on your controls above:

| **Control**                     | **Where It Applies**                              | **Reason (Rationale)**                                                                                  |
|---------------------------------|--------------------------------------------------|--------------------------------------------------------------------------------------------------------|
| [Control 1]                    | [Where]                                          | [Reason]                                                                                               |
| [Control 2]                    | [Where]                                          | [Reason]                                                                                               |
| [Control 3]                    | [Where]                                          | [Reason]                                                                                               |
| [Control 4]                    | [Where]                                          | [Reason]                                                                                               |
| [Control 5]                    | [Where]                                          | [Reason]                                                                                               |


## Zero Trust Architecture


### Question 11: Plan Your Zero Trust Controls
How will you apply Zero Trust to mitigate the Capital One breach issues? List 5 controls in the comments below.


In [None]:
# Zero Trust Controls for Capital One
# Control 1: [e.g., Least Privilege IAM] - Applies to [e.g., IAM Roles] - Reason: [Reduces over-privileged access]
# Control 2: [Your control here] - Applies to [Where] - Reason: [Why it helps]
# Control 3: [Your control here] - Applies to [Where] - Reason: [Why it helps]
# Control 4: [Your control here] - Applies to [Where] - Reason: [Why it helps]
# Control 5: [Your control here] - Applies to [Where] - Reason: [Why it helps]

# Zero Trust Architecture Diagram for Capital One
with Diagram("Capital One Zero Trust Architecture", show=False, direction="TB", outformat="png", filename="capitalone_zt"):
    # Modify the base diagram to include your Zero Trust controls
    pass  # Replace with actual diagram code

# Display the diagram
Image(filename="capitalone_zt.png")


### Zero Trust Controls Table
Fill in the table based on your controls above:

| **Control**                     | **Where It Applies**                              | **Reason (Rationale)**                                                                                  |
|---------------------------------|--------------------------------------------------|--------------------------------------------------------------------------------------------------------|
| [Control 1]                    | [Where]                                          | [Reason]                                                                                               |
| [Control 2]                    | [Where]                                          | [Reason]                                                                                               |
| [Control 3]                    | [Where]                                          | [Reason]                                                                                               |
| [Control 4]                    | [Where]                                          | [Reason]                                                                                               |
| [Control 5]                    | [Where]                                          | [Reason]                                                                                               |


## Adaptive Security Architecture


### Question 12: Plan Your Adaptive Security Controls
How will you apply Adaptive Security to mitigate the Capital One breach issues? List 5 controls in the comments below.


In [None]:
# Adaptive Security Controls for Capital One
# Control 1: [e.g., Dynamic Monitoring] - Applies to [e.g., Cloud Logs] - Reason: [Detects SSRF in real-time]
# Control 2: [Your control here] - Applies to [Where] - Reason: [Why it helps]
# Control 3: [Your control here] - Applies to [Where] - Reason: [Why it helps]
# Control 4: [Your control here] - Applies to [Where] - Reason: [Why it helps]
# Control 5: [Your control here] - Applies to [Where] - Reason: [Why it helps]

# Adaptive Security Architecture Diagram for Capital One
with Diagram("Capital One Adaptive Security Architecture", show=False, direction="TB", outformat="png", filename="capitalone_as"):
    # Modify the base diagram to include your Adaptive Security controls
    pass  # Replace with actual diagram code

# Display the diagram
Image(filename="capitalone_as.png")


### Adaptive Security Controls Table
Fill in the table based on your controls above:

| **Control**                     | **Where It Applies**                              | **Reason (Rationale)**                                                                                  |
|---------------------------------|--------------------------------------------------|--------------------------------------------------------------------------------------------------------|
| [Control 1]                    | [Where]                                          | [Reason]                                                                                               |
| [Control 2]                    | [Where]                                          | [Reason]                                                                                               |
| [Control 3]                    | [Where]                                          | [Reason]                                                                                               |
| [Control 4]                    | [Where]                                          | [Reason]                                                                                               |
| [Control 5]                    | [Where]                                          | [Reason]                                                                                               |


# Conclusion


### Question 13: Summarize Your Findings
Summarize the effectiveness of each architecture (DiD, Zero Trust, Adaptive Security) in mitigating the Equifax, SolarWinds, and Capital One breaches.


**Your Answer**: [Type your summary here]
