CHAPTER 17Security Policies
In this chapter, you will
• Understand the difference between general and functional policies
• Define infrastructure management policies
• Review common policies
• Consider regulatory compliance issues
Security policies define the constraints within which a network or system must operate. Policies vary from organization to organization and this variance is appropriate. For example, one organization (we’ll call them the high risk organization) may require ten-character passwords to sufficiently secure their logons, while another organization (we’ll call them the low risk organization) requires only seven characters. The difference in security policies is based on the differences in security threats and asset values. ...