TAILIEUCHUNG - defense in depth

Defense in Depth is practical strategy for achieving Information Assurance in today’s highly networked environments. It is a “best practices” strategy in that it relies on the intelligent application of techniques and technologies that exist today. The strategy recommends a balance between the protection capability and cost, performance, and operational considerations. This paper provides an overview of the major elements of the strategy and provides links to resources that provide additional insight | Defense in Depth A practical strategy for achieving Information Assurance in today s highly networked environments. Introduction. Defense in Depth is practical strategy for achieving Information Assurance in today s highly networked environments. It is a best practices strategy in that it relies on the intelligent application of techniques and technologies that exist today. The strategy recommends a balance between the protection capability and cost performance and operational considerations. This paper provides an overview of the major elements of the strategy and provides links to resources that provide additional insight. Adversaries Motivations Classes of Attack. To effectively resist attacks against its information and information systems an organization needs to characterize its adversaries their potential motivations and their classes of attack. Potential adversaries might include Nation States Terrorists Criminal Elements Hackers or Corporate Competitors. Their motivations may include intelligence gathering theft of intellectual property denial of service embarrassment or just pride in exploiting a notable target. Their classes of attack may include passive monitoring of communications active network attacks close-in attacks exploitation of insiders and attacks through the industry providers of one s Information Technology resources. It s also important to resist detrimental effects from non-malicious events such as fire flood power outages and user error. Information Assurance. Information Assurance is achieved when information and information systems are protected against such attacks through the application of security services such as Availability Integrity Authentication Confidentiality and Non-Repudiation. The application of these services should be based on the Protect Detect and React paradigm. This means that in addition to incorporating protection mechanisms organizations need to expect attacks and include attack detection tools and procedures .

TỪ KHÓA LIÊN QUAN
TAILIEUCHUNG - Chia sẻ tài liệu không giới hạn
Địa chỉ : 444 Hoang Hoa Tham, Hanoi, Viet Nam
Website : tailieuchung.com
Email : tailieuchung20@gmail.com
Tailieuchung.com là thư viện tài liệu trực tuyến, nơi chia sẽ trao đổi hàng triệu tài liệu như luận văn đồ án, sách, giáo trình, đề thi.
Chúng tôi không chịu trách nhiệm liên quan đến các vấn đề bản quyền nội dung tài liệu được thành viên tự nguyện đăng tải lên, nếu phát hiện thấy tài liệu xấu hoặc tài liệu có bản quyền xin hãy email cho chúng tôi.
Đã phát hiện trình chặn quảng cáo AdBlock
Trang web này phụ thuộc vào doanh thu từ số lần hiển thị quảng cáo để tồn tại. Vui lòng tắt trình chặn quảng cáo của bạn hoặc tạm dừng tính năng chặn quảng cáo cho trang web này.