Practicing the Rules
Throughout this book, we have looked at the world of information security, its virtues, rules, and concepts. For the last part of the book, it only seems right to talk about this information as it applies to the most common decisions made in information security. Of course, the virtues, rules, and concepts are universal and should be applied in most security practices. As such, this section is more of an example and guide in applying the information within specific topics.
I have selected the following topics since they all require serious attention from security and they apply to most organizations. There are many books that simply focus on one or two of the following topics in more detail. Here we are going to cover some of the essentials of each topic as they relate to the development of the security mind.
Perimeter defenses
Internal defenses
Physical defenses
Server and device defenses
Outbound Internet access
Logging and monitoring
Authentication