Which one is the most important based on the following common elements of a network design?
A.
Business needs
B.
Best practices
C.
Risk analysis
D.
Security policy
Explanation/Reference:
A common temptation when designing a security solution for a network is to make the network so secure that it cannot easily
be used for its intended purpose. Therefore, when designing a network security solution, designers should recognize that business
needs supersede all other needs. However, other factors do enter into the design equation.Consider the following elements of a secure network design:
* Business needs: Business needs dictate what an organization wants to accomplish with
its network. Note that this need is the most important of all the needs.* Risk analysis: As previously discussed, a comprehensive risk analysis can be used to
assign an appropriate level of resources (for example, an appropriate amount of money) to
a potential security risk.*Security policy: Earlier in this chapter you read about the elements of a security policy. A
security policy typically contains multiple documents, targeting specific audiences within
an organization. These individual documents provide day-to-day guidance, relating to
network security, for all organizational employees.* Best practices: Rather than the mandatory rules imposed by a security policy, a set of
best practices (developed internally and/or externally) can offer proven methods for
achieving a desired result.* Security operations: Day-to-day security operations entail responding to an incident,
monitoring and maintaining a system, and auditing a system (to ensure compliance with
an organization’s security policy).