Security components can be techincal(firewall,encryption,and access control list) or nontechnical(security policy,procedures,and compliance enforcement).