Chap 1 : Information Security Overview
Known as : INFOSEC -> Processes & methodologies involved with keeping information confidential, available & assuring its integrity.
Protecting information no matter where that information is
Characteristics of ISS (CIA)
Confidentiality : Protecting information from disclosure to unauthorized parties
Integrity : Protecting information from being modified by unauthorized parties
Availability : Ensuring that authorized parties are able to access the information when needed
The need for information system security
Users can perform only authorized tasks
Network security needed
Applications that can protect the network from unauthorized access are in place
Potential risk to network
Terrorists, criminal elements
Potential Risks
Asset Identification - To identify the resources used in network for various applications
Vulnerability Assessment - The process of identifying, quantifying and prioritizing the vulnerabilities in the system
Threat Identification - To identify a threat in the system
Terms in Information System Security
Information theft - Network eavesdropping can lead to information theft
Unauthorized disclosure - To disclose information to an individual who is not authorized to receive it
Information warfare - The use of information, and attacks on information, as a tool of warfare
Accidental data loss - Information systems implement backup and disaster recovery equipment and processes to prevent data loss or restore lost data
Security Model : Formal description of security policy
Open Security Model