The scheme covers five key areas:
Secure configuration - The security measures required when building and installing computers and network devices to reduce unnecessary vulnerabilities.
Boundary firewalls and internet gateways - Providing a basic level of protection where an organisation connects to the internet.
Access control and administrative privilege management - Protecting user accounts and helping prevent misuse of privileged accounts.
Patch management - Keeping the software used on computers and network devices up to date and resisting low level cyber-attacks.
Malware protection - Protecting against a broad range of malware, including computer viruses, worms, spyware, botnet software and ransomware.