KHO THƯ VIỆN 🔎

Ch 03 kho tài liệu training

➤  Gửi thông báo lỗi    ⚠️ Báo cáo tài liệu vi phạm

Loại tài liệu:     PDF
Số trang:         102 Trang
Tài liệu:           ✅  ĐÃ ĐƯỢC PHÊ DUYỆT
 













Nội dung chi tiết: Ch 03 kho tài liệu training

Ch 03 kho tài liệu training

CHAPTERInformation Security and Risk ManagementThis chapter presents the following:•Security management responsibilities•Difference between administra

Ch 03 kho tài liệu trainingative, technical, and physical controls•Three main security principles•Risk management and risk analysis•Security policies•Information classification•

Security-awareness trainingWe hear about viruses causing millions of dollars in damages, hackers from other countries capturing credit card informatio Ch 03 kho tài liệu training

n from financial institutions, web sites of large corporations and governments being defaced for political reasons, and hackers being caught and sent

Ch 03 kho tài liệu training

to jail. Ihese are the more exciting aspects of computer security, but realistically these activities are not what the average corporation or security

CHAPTERInformation Security and Risk ManagementThis chapter presents the following:•Security management responsibilities•Difference between administra

Ch 03 kho tài liệu trainingnagement is the core of a company's business and information securin’ structure.Security ManagementSecurity management includes risk management, infor

mation security policies, procedures, standards, guidelines, baselines, information classification, security organization, and security education. The Ch 03 kho tài liệu training

se core components serve as the foundation of a corporation’s security program. Ihe objective of security, and a securin’ program, is to protect the c

Ch 03 kho tài liệu training

ompany and its assets. A risk analysis identifies these assets, discovers the threats that put them at risk, and estimates the possible damage and pot

CHAPTERInformation Security and Risk ManagementThis chapter presents the following:•Security management responsibilities•Difference between administra

Ch 03 kho tài liệu trainingecessary' funds to protect the recognized assets from their identified threats and develop applicable security policies that provide direction for sec

urity activities. Security education takes this information to each and every employee within the company so everyone is properly informed and can mor Ch 03 kho tài liệu training

e easily work toward the same security goals.53CISSP All-in-One Exam Guide54The process of security management is a circular one that begins with the

Ch 03 kho tài liệu training

assessment of risks and the determination of needs, followed by the monitoring and evaluation of the systems and practices involved. This is then foll

CHAPTERInformation Security and Risk ManagementThis chapter presents the following:•Security management responsibilities•Difference between administra

Ch 03 kho tài liệu trainingressed. The last step is the implementation of policies and controls intended to address the risks and needs first defined. Then the cycle Stans all o

ver again. In this way, the process continually evaluates and monitors the security environment of an organization and allows it to adapt and grow to Ch 03 kho tài liệu training

meet the security needs of the environment in which it operates and exists.Security management has changed over the years because networked environmen

Ch 03 kho tài liệu training

ts, computers, and the applications that hold information have changed. Information used to be held in a mainframe, which is a more centralized networ

CHAPTERInformation Security and Risk ManagementThis chapter presents the following:•Security management responsibilities•Difference between administra

Ch 03 kho tài liệu traininguted networks we see today. Only certain people were allowed access and only a small set of people knew how the mainframe worked, which drastically re

duced security risks. Users were able to access information on the mainframe through dumb terminals (they were called this because they had little or Ch 03 kho tài liệu training

no logic built into them). There was not much need for strict security controls to be put into place. I lowever, the computing society did not stay in

Ch 03 kho tài liệu training

this type of architecture. Now, most networks are filled with personal computers that have advanced logic and processing power, users know enough abo

CHAPTERInformation Security and Risk ManagementThis chapter presents the following:•Security management responsibilities•Difference between administra

Ch 03 kho tài liệu trainingns, and other networks. Information passes over wires and airways al a rale not even conceived of 10 to 15 years agoThe Internet, extranets (business

partner networks), and intranets not only make security much more complex, they make security even more critical, rhe core network architecture has ch Ch 03 kho tài liệu training

anged from being a localized, stand-alone computing environment to a distributed computing environment that has increased exponentially with complexit

Ch 03 kho tài liệu training

y. Although connecting a network to the Internet adds more functionality and services for the users and expands the company’s visibility to the Intern

CHAPTERInformation Security and Risk ManagementThis chapter presents the following:•Security management responsibilities•Difference between administra

Ch 03 kho tài liệu trainingrs and computing capabilities. Computers have been integrated into the business and individual daily fabric, and their sudden unavailability would cau

se great pain and disruption. Many of the larger corporations already realize that their data are as much an asset to be protected as their physical b Ch 03 kho tài liệu training

uildings, factory equipment, and other physical assets. As networks and environments have changed, so has the need for security. Security is more than

Ch 03 kho tài liệu training

just a firewall and a router with an access list; these systems must be managed, and a big pan of security is managing rhe actions of users and rhe p

CHAPTERInformation Security and Risk ManagementThis chapter presents the following:•Security management responsibilities•Difference between administra

Ch 03 kho tài liệu training ResponsibilitiesOkay, who is in charge and whyĩIn the world of security, management's functions involve determining objectives, scope, policies, prio

rities, and strategies. Management needs to define a clear scopeChapter 3: Information Security ano ni»K management55and. before 100 people run off in Ch 03 kho tài liệu training

different directions trying to secure the environment, determine actual goals expected to be accomplished from a security program. Management also ne

Ch 03 kho tài liệu training

eds to evaluate business objectives, security risks, user productivity, and functionality requirements and objectives. Finally, management must define

CHAPTERInformation Security and Risk ManagementThis chapter presents the following:•Security management responsibilities•Difference between administra

Ch 03 kho tài liệu traininge equation only and figure that information and computer security fall within the I I administrator's responsibilities. In these situations, managemen

t is not taking computer and information security seriously, the consequence of which is that security will most likely remain underdeveloped, unsuppo Ch 03 kho tài liệu training

rted, underfunded, and unsuccessful. Security needs to be addressed al the highest levels of management. The IT administrator can consult with managem

Ch 03 kho tài liệu training

ent on the subject, but the security of a company should not be delegated entirely to the 11 or security administrator.Security management relies on p

CHAPTERInformation Security and Risk ManagementThis chapter presents the following:•Security management responsibilities•Difference between administra

Ch 03 kho tài liệu trainingy, confidentiality, and availability for those assets. Various management tools are used to classify data and perform risk analysis and assessments. T

hese tools identify vulnerabilities and exposure rales and rank the severity of identified vulnerabilities so that effective countermeasures can be im Ch 03 kho tài liệu training

plemented to mitigate risk in a cost-effective manner. Management’s responsibility is to provide protection for the resources it is responsible for an

Ch 03 kho tài liệu training

d die company overall These resources come in human, capital, hardware, and informational forms. Management must concern itself with ensuring that a s

CHAPTERInformation Security and Risk ManagementThis chapter presents the following:•Security management responsibilities•Difference between administra

Ch 03 kho tài liệu trainingto effect.Tile necessary resources and funding need to be available, and strategic representatives must be ready to participate in the security progra

m. Management must assign responsibility and identify the roles necessary to get the security program off the ground and keep it thriving and evolving Ch 03 kho tài liệu training

as the environment changes. Management must also integrate the program into the current business environment and monitor its accomplishments. Managem

Ch 03 kho tài liệu training

ent's support is one of the most important pieces of a security program. A simple nod and a wink will not provide the amount of support required.The T

CHAPTERInformation Security and Risk ManagementThis chapter presents the following:•Security management responsibilities•Difference between administra

Ch 03 kho tài liệu trainingrkers start with a blueprint of the structure, then pour the foundation, and then erect the frame. As the building of the house continues, the workers

know what the end result is supposed to be, so they add the right materials, insert doors and windows as specified in the blueprints, erect support b Ch 03 kho tài liệu training

eams, provide sturdy ceilings and floors, and add the plaster and carpet and smaller details until the house is complete. Then inspectors come in to e

Ch 03 kho tài liệu training

nsure the structure of the house and the components used to make it are acceptable. If this process did not start with a blueprint and a realized goal

Gọi ngay
Chat zalo
Facebook