This capability describes what you should consider implementing in your IT infrastructure to help guarantee that information and communication are protected from unauthorised access. This capability also describes mechanisms to protect your IT infrastructure from denial attacks and viruses while preserving access to corporate resources.