Đang chuẩn bị nút TẢI XUỐNG, xin hãy chờ
Tải xuống
I never cease to be amazed by the fact that you can’t take a class in Information Security without being told to do this or that in accordance with “your security policy”, but nobody ever explains what the policy is, let alone how to write or evaluate it. | Basic Security Policy Security Essentials The SANS Institute Information Assurance Foundations - SANS 2001 1 CONTRIBUTING AUTHORS Doug Austin Alexander Bryce Rob Dinehart Brian M. Estep Stephen Joyce Carol Kramer Randy Marchany Stephen Northcutt John Ritter Matt Scarborough Arrigo Triulzi Eric Cole Dyncorp Information Systems LLC Alexander Ltd. IBJ Whitelhall Financial Group Adelphia bitLab LLC SANS Institute Virginia Tech Computing Center Global Incident Analysis Center Intecs International Inc. IC Albourne Parners Ltd. SANS Institute 2 - 1 Preface I never cease to be amazed by the fact that you can t take a class in Information Security without being told to do this or that in accordance with your security policy but nobody ever explains what the policy is let alone how to write or evaluate it. That is why we undertook this research and education project into basic security policy. We hope you will find this module useful and that you will participate in its evolution. Consensus is a powerful tool. We need the ideas and criticisms from the information security community in order to make this The Roadmap a usable and effective policy. Thank you Stephen Northcutt Basic Security Policy - SANS 2001 2 I never cease to be amazed by the fact that you can t take a class in Information Security without being told to do this or that in accordance with your security policy but nobody ever explains what the policy is let alone how to write or evaluate it. That is why we undertook this research and education project into basic security policy. We hope you will find this module useful and that you will participate in its evolution. Consensus is a powerful tool. We need the ideas and criticisms from the information security community in order to make this The Roadmap a usable and effective policy. Thank you Stephen Northcutt 2 -2 Objectives Defining Security Policy Using Security Policy to Manage Risk Identifying Security Policy Evaluating Security Policy Issue-specific .
