This chapter is from the book
Summary
Whether you prefer to classify threats by their locationinternal or externalor by their typereconnaissance, unauthorized access, denial of service, or data manipulationdepends on your preference as much as it depends on what you see happening in your network. When it comes time to do something about the threat, however, the first thing you need is a security policy, so that's where we'll turn next.