Network Security requirements, Slides of Network security

Network Security is about the walls, guards, and gates. It involves the tools and policies used to defend the network from external attacks and internal misuse. Its core goal is to protect the Confidentiality.

Typology: Slides

2024/2025

Available from 09/30/2025

naeem-sajjad
naeem-sajjad 🇸🇬

6 documents

1 / 6

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
.
.
pf3
pf4
pf5

Partial preview of the text

Download Network Security requirements and more Slides Network security in PDF only on Docsity!

Security Functional Requirements CT Minimum Security Requirements The minimum security requirements cover seventeen security-related areas with regard to protecting the confidentiality, integrity, and availability of information systems and the information processed, stored, and transmitted by those systems. FIPS 200 standards issued by NIST after approval of US government. 1) Access Control: Limit information system access to authorized users, processes acting on behalf of authorized users. 2) Awareness and Training: Ensure that employee are adequately trained to carry out their assigned information security-related duties and responsibilities. 3) Audit and Accountability: Ensure that the actions of individual information system users can be uniquely traced to those users so they can be held accountable for their actions. 8) Incident Response: Establish an operational incident-handling capability for organizational ‘ information systems Ee 9) Maintenance: Perform periodic and timely maintenance on organizational information 4 systems. =2 4 10) Media Protection: Protect information system media, both paper and digital ; Sc o : ; ; 7 11) Physical and Environmental Protection: % vs Limit physical access to information systems, = equipment, and the respective operating ’ ee environments to authorized individuals. 12) 13) 14) 15) Planning: Develop, document, periodically update, and implement security plans for organizational information systems that describe the security controls in place Personnel Security: Ensure that individuals occupying positions of responsibility within organizations are trustworthy and meet established security criteria for those positions and ensure that organizational information and information systems are protected during and after personnel actions such as terminations and transfers. Risk Assessment: Periodically assess the risk to organizational operations (including mission, functions, image, or reputation), organizational assets, and | individuals. Systems and Services Acquisition: Allocate sufficient resources to adequately protect organizational information systems. employ software usage and installation restrictions etc. 2 ze poe