Preview

erwerew

Good Essays
Open Document
Open Document
1548 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
erwerew
http://www.us-cert.gov/ and http://www.sans.org/newsletters/

第一章:
Object:

IS define:well-informed sense of assurance that the information risks and controls are in balance

History of IS: computer security began after first mainframes were developed
Rand Report R-609 computer security(physical security) into information security:safety of data, limiting unauthorized access to data, involvement of personnel from multiple leves of an organization

Key words and concepts: multiple layers of secutity: physical, personnel, operations, communications, network, Information
Information security: protection of information and its critical elements: systems and hardwares that use, store and transmit information
Component of Info. System: software, hardware, people, data, procesures, networks
CIA triangle(industry standard for computer security): confidentiality, integrity, availability
Some key words: object, access, asset, attack, exploit, loss, exposure, protection profile, subject, control, risk, threat, threat agent, vulnerability
Concepts:security should be a balance between protection and availability
Infromation’s characteristics: availability, accuracy, authenticity, confidentiality,
(the value of information comes from) integrity, utility, possession
Approaches to is implementation: bottom-up: advantage:technical expertise of
(less use) individual administrator dis: lack participant support and organizational staying power top-down: initiated by upper management (widely use) also called systems development life cycle Security systems life cycle: investigation: EISP outlines the implementation (methodology different from traditions) analysis:1 risk management 2 legal issue 3 analysis policies and programs 4 analysis

You May Also Find These Documents Helpful

  • Better Essays

    To properly secure an information system means protecting its files and other confidential information from misuse. The current speed of technological growth requires ever evolving security measures to follow these developments. As the members of Team “A” set out to address this need, it was necessary to discuss the requirements. The foundation of all concrete security plans require a detailed knowledge of all current systems, the tools needed to accomplish security needs and employee training. The implementation of these requirements will be outlined within a final Security Presentation.…

    • 2101 Words
    • 8 Pages
    Better Essays
  • Good Essays

    This report gives a brief description the general security solutions planned for the safety of data and information that belongs to the organization. The outline will provide elements of a multi-layered security plan, and will indicate a general security solution for each of the seven domains of a typical IT infrastructure. Also I will describe a layer of security for each of the seven domains.…

    • 801 Words
    • 4 Pages
    Good Essays
  • Good Essays

    NT2580 Project part 1

    • 606 Words
    • 3 Pages

    Safety of data and information is a real important aspect of a company. Before we can create an outline for general security solutions we must first define what is needed. I recommend that we use a multi-layered security plan. There are a total of seven domains of an IT infrastructure including user domain, workstation domain, LAN domain, LAN-to-WAN domain, WAN domain, remote access domain, and system/application domain.…

    • 606 Words
    • 3 Pages
    Good Essays
  • Better Essays

    Cmgt400 Week3

    • 1493 Words
    • 6 Pages

    References: 1. (2010). Principles of Computer Security: CompTIA Security+ and Beyond (2nd ed.). : McGraw-Hill.…

    • 1493 Words
    • 6 Pages
    Better Essays
  • Powerful Essays

    Nt1310 Unit 1 Assignment 1

    • 1434 Words
    • 6 Pages

    Information has become the most valuable asset of any organization. And keeping that information secure is a major factor in the design and development of any computer system. Security is defined by Merriam-Webster as “the state of being protected or safe from harm”. It is up to every organization to insure that their data is protected, and that nothing that is harmful to the company or its clients is compromised.…

    • 1434 Words
    • 6 Pages
    Powerful Essays
  • Good Essays

    Nt1310 Final Exam

    • 3599 Words
    • 15 Pages

    b. Information security is necessary for protecting confidentiality, privacy, integrity of processing, and availability of information resources. (Correct. As Figure 8-2 shows, security is the foundation for achieving the other four components of system reliability.)…

    • 3599 Words
    • 15 Pages
    Good Essays
  • Powerful Essays

    Kudler Security Report

    • 8349 Words
    • 34 Pages

    7. Communications and operations management: Incorporates operational procedures and responsibilities, third-party service delivery management, systems palnning and acceptance, protection against malicious and mobile code, backup, network security management, media handling, exchange of information, electronic commerce services and monitoring…

    • 8349 Words
    • 34 Pages
    Powerful Essays
  • Good Essays

    BSA/310

    • 674 Words
    • 3 Pages

    In business, an information security is a set of policies to protect the companies and small businesses infrastructure, physical, and information technology assets, and to ensure that information technology users within the domain of the companies and small businesses comply with the rules and guidelines related to the security of the information stored digitally at any network within the boundaries of authority. In short, it can protect data from the outside and even inside threat. The data and information, which the companies and small businesses have, are arguably the most important assets. They should ensure the data confidentiality, integrity, availability, non-repudiation, authentication, and authorization. Most small businesses and companies must have information security to ensure their business and information assets. Information security protects data and controls how it should be distributed within or without the businesses boundaries. This means that information should be encrypted and may have restrictions placed on its distribution to the third party. Information security should protect the data from the outside threats such as:…

    • 674 Words
    • 3 Pages
    Good Essays
  • Good Essays

    Csia 301 - Syllabus

    • 4678 Words
    • 19 Pages

    describe the necessity of secure architecture in information systems analyze the role of security models and architectures and their relationship to information security explain the…

    • 4678 Words
    • 19 Pages
    Good Essays
  • Satisfactory Essays

    NT2580

    • 1232 Words
    • 14 Pages

    ISS Information Systems Information NT2580 Introduction to Information Security © ITT Educational Services, Inc. All rights reserved. Page 5…

    • 1232 Words
    • 14 Pages
    Satisfactory Essays
  • Satisfactory Essays

    NT2580

    • 526 Words
    • 5 Pages

    Introduction to Information Security © ITT Educational Services, Inc. All rights reserved. Page 2 Key Concepts  Attacks, threats, and vulnerabilities in a typical IT infrastructure …

    • 526 Words
    • 5 Pages
    Satisfactory Essays
  • Satisfactory Essays

    Is 411 Study Guide

    • 305 Words
    • 2 Pages

    Information Security Business Challenges and Policies the mitigate risk within the 7 domains. – p 77 - 83…

    • 305 Words
    • 2 Pages
    Satisfactory Essays
  • Better Essays

    Rwerew

    • 1120 Words
    • 5 Pages

    Henrik Ibsen may have attracted one section of the English people and established himself as the greatest dramatic poet, forging a kind of drama that strikes the reader with its profound hortatory undertones, but it is August Strindberg that has enjoyed considerable adulation for his expressionistic and palpably ironic plays, with the avant-garde characters and their existential problems measuring their strength against each other.…

    • 1120 Words
    • 5 Pages
    Better Essays
  • Satisfactory Essays

    It’s been a long time since Information Technology had been introduced to us but we weren’t able to acknowledge it because we determine it as the use of electronic machines. In reality, it is the study, design, development, implementation, support or management of computer-based information systems, particularly software applications and computer hardware. It deals with the use of electronic computers and computer software to securely convert, store, protect, process, transmit, input, output and retrieve information that makes managing and exchanging of information easier.…

    • 360 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    Information Systems

    • 416 Words
    • 2 Pages

    1. 2. 3. 4. 5. People, who make the IT specialists such as Database Administrator and Network Engineer. Software, which consists of System Software, Utility Software, and Application Software. Hardware, which consists of the whole physical aspect ranging from peripherals to computer servers. Data, which is all the databases and knowledge stored in the IS. Network, which consists of the media communication and network support.…

    • 416 Words
    • 2 Pages
    Satisfactory Essays