2 cissp ® Official Study Guide Eighth Edition



Download 19,3 Mb.
Pdf ko'rish
bet363/881
Sana08.04.2023
Hajmi19,3 Mb.
#925879
1   ...   359   360   361   362   363   364   365   366   ...   881
Bog'liq
(CISSP) Mike Chapple, James Michael Stewart, Darril Gibson - CISSP Official Study Guide-Sybex (2018)

Hardware Segmentation
Hardware segmentation
is similar to process isolation in purpose—it prevents the access 
of information that belongs to a different process/security level. The main difference is that 

Essential Security Protection Mechanisms 
383
hardware segmentation enforces these requirements through the use of physical hardware 
controls rather than the logical process isolation controls imposed by an operating system. 
Such implementations are rare, and they are generally restricted to national security imple-
mentations where the extra cost and complexity is offset by the sensitivity of the informa-
tion involved and the risks inherent in unauthorized access or disclosure.
Security Policy and Computer Architecture
Just as security policy guides the day-to-day security operations, processes, and procedures 
in organizations, it has an important role to play when designing and implementing sys-
tems. This is equally true whether a system is entirely hardware based, entirely software 
based, or a combination of both. In this case, the role of a security policy is to inform and 
guide the design, development, implementation, testing, and maintenance of a particular 
system. Thus, this kind of security policy tightly targets a single implementation effort. 
(Although it may be adapted from other, similar efforts, it should reflect the target as accu-
rately and completely as possible.)
For system developers, a security policy is best encountered in the form of a document that 
defines a set of rules, practices, and procedures that describe how the system should manage, 
protect, and distribute sensitive information. Security policies that prevent information flow 
from higher security levels to lower security levels are called multilevel security policies. As a 
system is developed, the security policy should be designed, built, implemented, and tested as 
it relates to all applicable system components or elements, including any or all of the follow-
ing: physical hardware components, firmware, software, and how the organization interacts 
with and uses the system. The overall point is that security needs be considered for the entire 
life of the project. When security is applied only at the end, it typically fails.

Download 19,3 Mb.

Do'stlaringiz bilan baham:
1   ...   359   360   361   362   363   364   365   366   ...   881



Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©hozir.org 2024
ma'muriyatiga murojaat qiling
kiriting | ro'yxatdan o'tish
    Bosh sahifa
юртда тантана
Боғда битган
Бугун юртда
Эшитганлар жилманглар
Эшитмадим деманглар
битган бодомлар
Yangiariq tumani
qitish marakazi
Raqamli texnologiyalar
ilishida muhokamadan
tasdiqqa tavsiya
tavsiya etilgan
iqtisodiyot kafedrasi
steiermarkischen landesregierung
asarlaringizni yuboring
o'zingizning asarlaringizni
Iltimos faqat
faqat o'zingizning
steierm rkischen
landesregierung fachabteilung
rkischen landesregierung
hamshira loyihasi
loyihasi mavsum
faolyatining oqibatlari
asosiy adabiyotlar
fakulteti ahborot
ahborot havfsizligi
havfsizligi kafedrasi
fanidan bo’yicha
fakulteti iqtisodiyot
boshqaruv fakulteti
chiqarishda boshqaruv
ishlab chiqarishda
iqtisodiyot fakultet
multiservis tarmoqlari
fanidan asosiy
Uzbek fanidan
mavzulari potok
asosidagi multiservis
'aliyyil a'ziym
billahil 'aliyyil
illaa billahil
quvvata illaa
falah' deganida
Kompyuter savodxonligi
bo’yicha mustaqil
'alal falah'
Hayya 'alal
'alas soloh
Hayya 'alas
mavsum boyicha

yuklab olish