摘要:The organization tryin g to manage information s ecurity m anu ally or auto matically. Th e prelimin ary taskis to first und erstand and id en tify in g the secu rity requirements, wh ich g en erally includes everything startingfrom hardware, software and in fo rmation assets, threats an d vuln erabilities asso ciated with th em , differen tn etwo rk co nnections and topo logies u sed for trans ferring information to and from the enterprise.Security infrastru ctu re adviso ry is a specified set of entities, b oth p hysical as well as software, in o rderto im plement the set of id en tified controls. It tells an ind iv idual/organization the details reg ardin g thes ecurity too ls and th e exact locatio n o f security tools, req uired to mitigate the secu rity risk s of theo rg an ization . In this phase, th e security infrastructure adv isories for differen t ass ets and platfo rms areg enerated. After gettin g the secu rity in frastructure sp ecification , the organizatio n decides on the particularin frastru ctu re that it wo uld like to im plement
关键词:Information Secu rity; in fras tructure adviso ry ; security tools; n etwork s ecurity
