|
|
A security policy defines the rules that regulate how your organization manages and protects computing resources to achieve security objectives. For responding to intrusions, one of the policys primary purposes is to document the threats you intend to guard against and the actions you intend to take in response to a successful attack.
Response procedures describe how the response policies will be implemented throughout your organization, e.g., who to notify, at what point in the response procedure, and with what types of information. From these procedures, all concerned parties are able to determine what operational steps they need to take to comply with your policies and, thereby, respond in a manner that upholds the security objectives for your organizations information and networked systems.
This practice describes a subset of the topics your intrusion response policies and procedures should address. Additional policy and procedure information is contained in the other practices of this module where it is most applicable. This language needs to be tailored to reflect the specific business objectives and security requirements of your organization and its computing environment. The details of procedures used to address specific types of intrusions may vary.
интернет-магазин сантехники дизайн ванных
|
|
|