Home > Articles > Cisco Certification > Network Security Concepts and Policies

Network Security Concepts and Policies

Chapter Description

In this chapter, you learn how to develop a comprehensive network security policy to counter threats against information security. You also learn about possible threats and how to describe and implement the process of developing a security policy.


To have a comprehensive security solution, it is important to cover all aspects of the operation of an organization. Comprehensive security requires suitable reliance on technical, physical, and administrative controls; implementing defense in depth; and developing an all-inclusive security policy. You will also be required to demonstrate forward thinking, taking into consideration the threats of tomorrow.

In this chapter you have learned that

  • The confidentiality, integrity, and availability of the data need to be protected.
  • Assets, vulnerabilities, and countermeasures can be classified to assist in developing a comprehensive set of security policies.
  • New trends and threats are appearing frequently in the borderless network environment where we are evolving.
  • To provide a comprehensive security solution, it is essential that there be a combination of technical, physical, and administrative controls in place.
  • Defense in depth is a philosophy used to provide layered security to a system by using multiple security mechanisms.
  • A security policy is a set of objectives for the company, rules of behavior for users and administrators, and requirements for system and management that collectively ensures the security of network and computer systems in an organization.
6. References | Next Section Previous Section