Categories of controls: controlling risk through mitigation, avoidance or transference is accomplished by implementing controls. There are 4 effective
Risk control strategies: once the ranked vulnerability risk worksheet has been created, they should choose one of the following 4 strategies to control each
Cipher methods: there are 2 methods of encrypting plaintext: • Bit stream method – every bit in the plaintext is transformed into a cipher bit
Elements of cryptosystems: a cryptosystem is characteristically made up of algorithms, data handling techniques and procedures, which are combined in
Introduction to cryptography: the word cryptography is derived from the Greek words kryptos, which means hidden, and graphein, meaning to write
Base lining: • organizations do not have any contact with each other • no two organizations are identical to each
Feasibility studies: before deciding on strategy, all information of economic or non-economic consequences of vulnerability of information asset should
Access controls: access controls address admission of a user into a trusted area of the organization. They comprise a combination of policies &
Identify possible controls: for each threat and linked vulnerabilities which have residual risk, create a primary list of control ideas. Residual risk is
Risk determination: for purpose of relative risk assessment, risk equals probability of vulnerability occurrence times value minus percentage risk
Risk assessment: risk assessment is a step in a risk management technique. Risk assessment is the determination of quantitative or qualitative value of
Vulnerability identification: specific avenues threat agents can exploit to attack an information asset are known as vulnerabilities. Examine how each
Threat identification: after identifying and performing a primary classification of an organization's information assets, the analysis phase moves
Management of classified data: management of classified data comprises the storage, distribution, portability and destruction of classified data. All
Security clearances: for a security clearance in organizations, each data user should be assigned a single level of authorization indicating
Data classification and management: corporate and military organizations use several classification schemes. Information owners are responsible for
Hardware, software and network asset identification: what information attributes to track is dependent on: • requires of organization/risk
People, procedures, data asset identification - risk management: the human resources, data, information and documentation assets are more difficult to identify
Security analysis: overview: • Know yourself: examine, identify and understand the information and systems which are currently in
Legal, ethical and professional issues: to minimize liabilities and reduce risks, the information security practitioner should: • understand
Business needs: information security performs four main functions for an organization: 1. protects the ability of organization to function 2. enables safe
Need for security: the primary mission of information security is to ensure that the systems and contents stay the same. If no threats, could focus on improving
The security systems development life cycle (SecSDLC): the same phases which are used in traditional SDLC can be adapted to support specialized