6679ChapterSecurityArchitectureandDesignGaryMcIntyre,CISSPandMickiKrause,CISSPContentsIntroduction.....................................................................................................668CISSPExpectations...........................................................................................669What,Why,andHow...................................................................................670What?......................................................................................................670Why?.......................................................................................................670How?.......................................................................................................671TheBasicsofSecureDesign..............................................................................671CommonArchitectureFrameworks..............................................................671ZachmanFramework...............................................................................672SherwoodAppliedBusinessSecurityArchitecture(SABSA)Framework...............................................................................................672TheOpenGroupArchitectureFramework(TOGAF)..............................673ITInfrastructureLibrary(ITIL)...............................................................673CapturingandAnalyzingRequirements.......................................................676CreatingandDocumentingSecurityArchitecture.........................................678ISO/IEC27001and27002SecurityStandards........................................679ControlObjectsforInformationandRelatedTechnology(COBIT)..............................................................................681©2010byTaylorandFrancisGroup,LLC668◾Official(ISC)2GuidetotheCISSPCBKVerifyingSecurityArchitecture.....................................................................682CommonFormalSecurityModels..............................................
