Security requirements specify system resilience against threats to confidentiality, integrity and availability.
Read/write access limitations
Defense against malicious attack (like viruses or hackers)
Identify roles of administrator, groups, guests, and clients
How do "roles" differ from "groups"? The statement above seems to put "groups" on the same level as "administrator", "guests" and "clients", which 3 things I think would be able to be described as "roles" or "groups" interchangeably...
Identify impact on existing environment
Establish fault tolerance
Plan for maintainability
Plan distribution of security database
Establish security context
Plan for auditing
Identify level of security needed
Analyze existing mechanisms for security policies
Plan for offsite data archives
Business Resumption Plan (BRP) (in case of disaster, natural or otherwise)
Support from Management on the whole plan.
Category Requirements Category Project Management Category Exam 70-100
( Topic last updated: 2004.01.16 11:55:22 AM )