Đang chuẩn bị nút TẢI XUỐNG, xin hãy chờ
Tải xuống
Now that we know the tools and the primary concepts, this part of the course is designed to help you pull everything together. This section is especially important if you need to present security proposals to management. Your next slide, titled Risk Management – Where do I Start presents the roadmap we showed you almost at the beginning of the course. We will bet you have a much clearer idea of how to analyze risks and establish a security infrastructure at this point. Let’s go take a look at the roadmap!. | Risk Management The Big Picture - Part VI Risk Assessment and Auditing Information Risk Management - SANS 2001 1 Now that we know the tools and the primary concepts this part of the course is designed to help you pull everything together. This section is especially important if you need to present security proposals to management. Your next slide titled Risk Management - Where do I Start presents the roadmap we showed you almost at the beginning of the course. We will bet you have a much clearer idea of how to analyze risks and establish a security infrastructure at this point. Let s go take a look at the roadmap 6 - 1 Risk Management - Where do I Start Write the security policy with business input Analyze risks or identify industry practice for due care analyze vulnerabilities Set up a security infrastructure Design controls write standards for each technology Decide what resources are available prioritize countermeasures and implement top priority countermeasures you can afford Conduct periodic reviews and possibly tests Implement intrusion detection and incident response Information Risk Manage ment - SANS 2001 2 This slide is the result of a long international flight. Several top experts in information security were on the plane and this is the roadmap they developed. So far in the entire course we haven t read a slide to you so please relax and listen Write the security policy with business input Analyze risks or identify industry practice for due care analyze vulnerabilities Set up a security infrastructure Design controls write standards for each technology Decide what resources are available prioritize countermeasures and implement top priority countermeasures you can afford Conduct periodic reviews and possibly tests Implement intrusion detection and incident response Students that complete Security Essentials certification are well on their way to accomplishing each of these tasks you will learn how to do policy and about the tools you can use for .
