2 cissp ® Official Study Guide Eighth Edition



Download 19,3 Mb.
Pdf ko'rish
bet381/881
Sana08.04.2023
Hajmi19,3 Mb.
#925879
1   ...   377   378   379   380   381   382   383   384   ...   881
Bog'liq
(CISSP) Mike Chapple, James Michael Stewart, Darril Gibson - CISSP Official Study Guide-Sybex (2018)

401
Secure Facility Plan

secure facility plan
outlines the security needs of your organization and emphasizes 
methods or mechanisms to employ to provide security. Such a plan is developed through a 
process known as critical path analysis. 
Critical path analysis
is a systematic effort to iden-
tify relationships between mission-critical applications, processes, and operations and all 
the necessary supporting elements. For example, an e-commerce server used to sell prod-
ucts over the web relies on internet access, computer hardware, electricity, temperature 
control, storage facility, and so on.
When critical path analysis is performed properly, a complete picture of the interde-
pendencies and interactions necessary to sustain the organization is produced. Once that 
analysis is complete, its results serve as a list of items to secure. The first step in designing a 
secure IT infrastructure is providing security for the basic requirements of the organization 
and its computers. These basic requirements include electricity, environmental controls (in 
other words, a building, air conditioning, heating, humidity control, and so on), and water/
sewage.
While examining for critical paths, it is also important to evaluate completed or poten-
tial technology convergence. 
Technology convergence
is the tendency for various technolo-
gies, solutions, utilities, and systems to evolve and merge over time. Often this results in 
multiple systems performing similar or redundant tasks or one system taking over the fea-
ture and abilities of another. While in some instances this can result in improved efficiency 
and cost savings, it can also represent a single point of failure and become a more valuable 
target for hackers and intruders. For example, if voice, video, fax, and data traffic all share 
a single connection path rather than individual paths, a single act of sabotage to the main 
connection is all that is required for intruders or thieves to sever external communications.
Security staff should participate in site and facility design considerations. Otherwise, 
many important aspects of physical security essential for the existence of logical security 
may be overlooked. With security staff involved in the physical facility design, you can be 
assured that your long-term security goals as an organization will be supported not just by 
your policies, personnel, and electronic equipment, but by the building itself.

Download 19,3 Mb.

Do'stlaringiz bilan baham:
1   ...   377   378   379   380   381   382   383   384   ...   881



Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©hozir.org 2024
ma'muriyatiga murojaat qiling
kiriting | ro'yxatdan o'tish
    Bosh sahifa
юртда тантана
Боғда битган
Бугун юртда
Эшитганлар жилманглар
Эшитмадим деманглар
битган бодомлар
Yangiariq tumani
qitish marakazi
Raqamli texnologiyalar
ilishida muhokamadan
tasdiqqa tavsiya
tavsiya etilgan
iqtisodiyot kafedrasi
steiermarkischen landesregierung
asarlaringizni yuboring
o'zingizning asarlaringizni
Iltimos faqat
faqat o'zingizning
steierm rkischen
landesregierung fachabteilung
rkischen landesregierung
hamshira loyihasi
loyihasi mavsum
faolyatining oqibatlari
asosiy adabiyotlar
fakulteti ahborot
ahborot havfsizligi
havfsizligi kafedrasi
fanidan bo’yicha
fakulteti iqtisodiyot
boshqaruv fakulteti
chiqarishda boshqaruv
ishlab chiqarishda
iqtisodiyot fakultet
multiservis tarmoqlari
fanidan asosiy
Uzbek fanidan
mavzulari potok
asosidagi multiservis
'aliyyil a'ziym
billahil 'aliyyil
illaa billahil
quvvata illaa
falah' deganida
Kompyuter savodxonligi
bo’yicha mustaqil
'alal falah'
Hayya 'alal
'alas soloh
Hayya 'alas
mavsum boyicha

yuklab olish