CHAPTER 1

Risk Management

“It seems to me that if there were any logic to our language, trust would be a four-letter word.”

—Joel Goodson, Risky Business

IT security professionals walk a tight line between keeping systems safe from inside and outside threats and making resources available to people who need them. Perfectly secure systems would allow no access, right? If attackers can’t access the systems, they can’t break or steal anything. But such “perfect” security clearly blocks legitimate users from using resources to produce anything of value. Conversely, a wide-open system provides great access for creativity and production, but also provides access to malicious people.

Security professionals provide a space in between, with enough security ...

Get Mike Meyers' CompTIA Security+ Certification Guide, Third Edition (Exam SY0-601), 3rd Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.