Security policies are driven by business requirements, and every business is different. A corporate policy that addresses information security must start with corporate data access needs and then describe how those needs will be satisfied in a secure manner. While a general security policy describes a framework for secure data access, a functional security policy must go deeper and define technical requirements that instantiate that framework (Coleman, Westcott, Harkins, & Jackman, 2010, p. 512).

From http://www.maxim-ic.com/app-notes/index.mvp/id/1890

Linux is the operating system (OS) of choice for low-level manipulation of devices and therefore the OS of choice for network attack tools. Windows utilities exist, but the Windows OS has evolved to a model where the OS is protected from and does not have access to raw devices. Linux does not have this limitation, so in choosing a network attack tool, Linux is a better platform than Windows. In addition, there are special-purpose Linux distributions for many interest areas, so by finding the right distribution, most tools will be natively provided.

The objective of a business impact analysis (BIA) is to identify processes and resources critical to business continuity (Gibson, 2011, p. 310). The analysis does not focus on systems but on processes that support the business’s critical success factors (CRFs) and the effect on the business of losing these processes during some period of time. Systems are only the means to enable processes and achieve CRFs. The BIA is primarily a data collection effort, and its component investigative efforts provide sequential inputs to the analysis.

In 1954, the Courier's ship's doctor was LTJG Ernest Robert Felix, USPHS, who lived with his wife, Jean, on the Greek island of Rhodes when their son Robin was born.

Cutter History:

Models are useful because of their ability to describe and prescribe the things they are modeling. That may sound obvious, but it means that they need not be exclusive, that different models can coexist because they each provide value. Just as architectural drawings, financial statements, and organization charts are different models that help describe an organization, the OSI model (ISO, 1994) and Backfield's NSM model (Backfield, 2008) both provide value added in their own way.

The trusted computing base (TCB) is the aggregate of all security mechanisms built into a computer system (Harris, 2010, p. 325), defined in the Orange Book (Department of Defense, 1985, p. 66) as “all of the elements of the system responsible for supporting the security policy and supporting the isolation of objects (code and data) on which the protection is based,” and equates the boundary of the TCB to the security perimeter of the system. TCB was a useful concept to define the set of computer system attributes to be evaluated when assessing the inherent security of that system.