Definition[edit | edit source]
Security functionality is
|“||security-related features, functions, mechanisms, services, procedures, and architectures implemented within organizational information systems or the environments in which those systems operate.||”|
Overview[edit | edit source]
Security functionality can be obtained by employing within the information systems and supporting infrastructure of the organization, a combination of management, operational, and technical security controls.
References[edit | edit source]
- NIST Special Publication SP 800-171, App. B, at B-7.
- "Management and operational security controls" are typically deployed within the organizational infrastructure that supports the information systems and include, for example: intrusion detection and protection capabilities; contingency planning capabilities; physical and environmental protection capabilities; awareness and training capabilities; and personnel security capabilities.
- "Technical security controls" include, for example: physical and logical access control mechanisms; identification and authentication mechanisms; auditing/accountability mechanisms; encryption mechanisms; and system and communications protection mechanisms.
See also[edit | edit source]
Community content is available under CC-BY-SA unless otherwise noted.