Mission-Critical Security Planner When Hackers Won’t Take No for an Answer phần 8 pps

... Performance Review your security plan and work to address any areas where your security implementation could affect performance in a non-negligible way, or where something ... this handshake incurs a far greater performance impact than the standard encryption performed over an SSL session. IPSec ses- sions using PKI for authentication will also be CPU-intensive when any authenticati...

Ngày tải lên: 13/08/2014, 22:21

... “partner.” Companies form partnerships with companies and 120 Chapter 3 Worksheet 3.14 Security Stack Worksheet for Integrity. Security Stack Worksheet for Integrity IMPACT ANALYSIS ID BEFORE PLAN PERCENT IMPROVEMENT ... through its primary mechanism, is an important part of your security plan. Unfortunately, key recovery opens another can of worms relating to an individual’s p...

Ngày tải lên: 13/08/2014, 22:21

... your software. 2 08 Chapter 4 STAFF Be prepared to answer this question: What can I do, what can’t I do? Staff will specifically want to know what they can and cannot do. Docu- ment the answers to these ... files) before and after the installation. Subtle changes can be dangerous. Look for changes made by the application that simply make no sense. Especially keep an eye out for ch...

Ngày tải lên: 13/08/2014, 22:21

... server) was not adequately protected. A Security Plan That Works 55 Anatomy of an Effective Security Plan An effective security plan incorporates three main components (see Figure 2.1): ■■ A security- centric ... people make when planning security: Figure 2.5 Relationship between security template and security elements. Security Stack Life Cycle Management Security Ele...

Ngày tải lên: 13/08/2014, 22:21

... encryption, and real-time intrusion detection and vulnera- bility analysis all consume resources of one form or another, security can slow things down. Therefore, your security plan should try to anticipate ... this chapter and Chapter 4, you can—and should—consider the notion of role-based access control and make an effort to architect it into your security solution. Using the Secu...

Ngày tải lên: 13/08/2014, 22:21

... 3.22 Security Stack Worksheet for Privacy. (continued) Implement an overall security architecture that protects information privacy according to the impact analysis plan. If an organization, for example, ... so not only can hurt these people, but also can cause considerable public embarrassment for the company. 1 78 Chapter 3 Worksheet 3.21 Selling Security Worksheet for N...

Ngày tải lên: 13/08/2014, 22:21

... aspects of your security plan, such as content management, to limit what they can and cannot do. As with your security architecture as a whole, and in accordance with your IDS/VA policies and procedures, ... 4.21 Security Stack Worksheet for Intrusion Detection and Vulnerability Analysis. Security Stack Worksheet for Intrusion Detection and Vulnerability Analysis IMPACT ANALYSIS I...

Ngày tải lên: 13/08/2014, 22:21

... Achieve balance when planning. Avoid the extreme practices of ultra- planning and nonplanning. A lack of focus is the enemy of security. Prioritize and focus your information and infrastructure security ... security planning and budgets. Regularly perform impact analyses. Create a cross-organizational security planning team with an executive mandate. Manage the effectiveness of...

Ngày tải lên: 13/08/2014, 22:21

... technologies, password, 53 workflow, PKI integration, 343–344 worksheets guidelines, 81 82 Impact Analysis Summary, 87 Key Relationships, 81 notetaking, 187 online URL, 80 organization, 80 –90 organization ... control, 284 auditing tools, 281 buffer overflow protection, 284 Business Worksheet, 291–294 cache maintenance, 281 code signing, 281 configuration management, 283 crypt...

Ngày tải lên: 13/08/2014, 22:21