The proactive services provided aim to strengthen the infrastructure and security processes, before the detection of any security incident or event. The main objectives are to avoid incidents and to decrease the impact surface in case of occurrence.
The constituency can be any user mentioned by the law, for which the Special Telecommunications Service organises and coordinates state communications-related activities.
The main types of evaluation, tests and audit which can be achieved include:
- auditing IT&C infrastructure - requires hardware and software configurations assessment, data communication or informatics in order to verify compliance with the security policies of the client;
- best practice type assessment - based on interviews with staff or network, system or security administrators to determine whether the methods and workflow comply with clients security policies or other security standards;
- vulnerabilities scanning - using vulnerabilities scanners to determine which systems or networks are vulnerable;
- penetration testing - security testing by performing controlled attacks on systems and networks.