1. Introduction
Protecting computer networks from attack is an ongoing process. It begins at the very earliest stages of software design.
Code must be written to standards, checked and reviewed to ensure it does exactly what is intended without leaving gaps for malicious users to exploit or for ignorant users to accidentally damage.
Once the software is written, tested, and installed, people must be taught how to use it correctly. Policies must be laid in place so that security isn't compromised. And some vulnerabilities will only be obvious after the software has met with the real world, so tests and analyses must be carried out on a continuing basis.
This section will describe the various techniques and approaches used to ensure that network software remains resistant to failures, both intentional and accidental.