1.6. Summary

In this chapter, we covered the key elements that an information security specialist should consider. Every organization has a different set of priorities and a different focus when it comes to security. Your responsibility is to take this information and create or maintain a security-oriented environment to address these priorities and concerns.

You'll encounter the following primary areas of responsibility:

  • Physical security

  • Operational security

  • Management and policies

You should consider actions that you perform in this environment to accomplish one or more of the goals of information security:

  • Prevention

  • Detection

  • Response

Security is a set of processes and products. In order for a security program to be effective, all of the following parts must work and be coordinated by the organization:

  • Antivirus software

  • Access control

  • Authentication

Typically, your network will run many different protocols and services. These protocols allow connections to other networks and products. However, they also create potential vulnerabilities that must be understood. You must work to find ways to minimize the vulnerabilities. Many protocols and services offered by modern operating systems are highly vulnerable to attack. New methods of attacking these systems are developed every day.

Security topologies provide a mechanism to design networks that have multiple ways of implementing security. Design goals for a security topology must address these four areas of security to be effective:

  • Confidentiality

  • Integrity

  • Availability

  • Accountability

Your network can be made more secure by considering the impact of security zones and access. Here are the three most common security zones you'll encounter in the workplace:

  • Internets

  • Intranets

  • Extranets

You can improve the likelihood of a successful security implementation if you consider putting externally accessed servers into areas called DMZs.

You can take advantage of several technologies to minimize your network's risk of being compromised:

  • VLANs

  • NAT

  • Tunneling

The final part of this chapter discussed business requirements in a security environment:

  • Identifying assets

  • Assessing risks

  • Identifying threats

  • Evaluating vulnerabilities
