Level of protection

Extent to which protective measures, techniques, and procedures must be applied to information systems and networks based on risk, threat, vulnerability, system interconnectivity considerations, and information assurance needs. Levels of protection are: 1. Basic: information system and networks requiring implementation of standard minimum security countermeasures. 2. Medium: information system and networks requiring layering of additional safeguards above the standard minimum security countermeasures. 3. High: information system and networks requiring the most stringent protection and rigorous security countermeasures.