All security controls should be built on the concept of preventive security .
所有的安全相關的控制都是建立在"預防,防止preventive”基礎上的
To take this concept further, what you can't prevent, you should be able to detect, and if you detect something, it means you weren't able to prevent it, and therefore you should take corrective action to make sure it is indeed prevented the next time around.
這個概念上延展一下,如果你不能預防該, 你應該能夠探測(detect)得到,如果你可以探測到什麽東西,就意味著你不能預防它,並且你應該對它有矯正(corrective)的行動,確保不會出現下一次
therefore, all three types work together: preventive ,detective and corrective.
因此,這三種類型的控制應該一起工作: 預防,探測和矯正.
没有评论:
发表评论