Chapter 3: Intrusion PreventionAnchor: #EDHESKXX
Section 1: Intrusion Prevention PolicyAnchor: #i1070303
TxDOT’s Intrusion Prevention Policy is to establish a complex, layered, and overlapping approach that leverages people, processes, and technologies to monitor the environment, assess threats, and identify weaknesses. The intent of the policy is to protect information assets by verifying that individuals have authorized access and by preventing intentional and accidental use of TxDOT information throughout its lifetime, regardless of its location.
The Intrusion Prevention Policy has seven objectives aimed at preventing individuals with negligent or fraudulent behavior from abusing information assets. The objectives of this policy are:
- identify users and verify their authenticity
- control access
- protect the virtual perimeter
- monitor security efforts
- filter out malicious content
- conduct assessments to determine vulnerabilities and adjustments
- use cloud-based services safely.
Each of these objectives is discussed in the following sections of this chapter. The discussions provide a brief introduction of the objective, list the minimum protocol TxDOT must follow, and assign the responsibility for the work.