Foundation Summary
The "Foundation Summary" section of each chapter lists the most important facts from the chapter. Although this section does not list every fact from the chapter that will be on your CSI exam, a well-prepared CSI candidate should at a minimum know all the details in each "Foundation Summary" section before taking the exam.
There are two primary reasons for the increasing threat to networks:
- The ubiquity of the Internet
- The pervasiveness of easy-to-use operating systems and development environments
A security policy defines the framework that is used to protect the assets that are connected to a network. The main goal of a security policy is to ensure that system users, staff, and managers are informed of their responsibilities for protecting corporate technology and information assets.
The two general types of network security policies are
- Permissive policies
- Restrictive policies
To be effective, a security policy must
- Be enforceable and apply to everyone
- Be capable of being implemented through system administration procedures and through the publication of acceptable-use guidelines or other appropriate methods
- Clearly define the areas of responsibility and the roles of users, administrators, and management
The key trade-offs to consider when establishing the security goals of a security policy include the following:
- The risks of offering some services versus the overall level of security provided
- The ease of use of the network versus the desired security level
- The cost of implementing the desired security versus the potential cost of losing confidential information, privacy, or service
The two basic elements that are determined during a security risk assessment are the following:
- Which assets need to be protected. The basic aim for each asset is to ensure the CIA of the asset.
- What the threats are to those assets.
Threats can be further defined through three elements:
- The consequences of the threat if nothing is done
- How often the threat may occur
- The measure of the likelihood that the threat will occur
Risk assessment is a method that enables an organization to quantify the level of risk that is inherent in a system. The first step in risk assessment is to identify assets such as hardware, software, and intellectual property. The second step is to identify the threats to the assets. These threats include unauthorized access to resources and information, unintentional or unauthorized disclosure of information, and DoS.
A successful security policy can be subdivided into smaller policies, each covering a specific topic related to the overall security of the network. Some of these "subpolicies" include the following:
- Acceptable-use policy
- Authentication policy
- Accountability policy
- Access policy
- Privacy policy
- Violations-reporting policy
In the Security Wheel concept, network security is treated as a continuous process that is built around the corporate security policy. This process is divided into four phases:
- Securing the network.
- Monitoring the network.
- Testing the security of the network.
- Improving the security of the network.