Slide 25
Slide 25 text
What to
include?
Trust nothing, verify
everything.
Authentication
Password/MFA policies, machine access to services
Authorization
Networking, identity and access management,
libraries
Audit
Hard mandatory, soft mandatory, and advisory policy
types