1. Introduction to the Management of Information Security
2. Which trend in IT has eliminated the "we have technology people to handle technology problems" approach as a method for securing systems?
3. List and describe an organization's three communities of interest that engage in efforts to solve InfoSec problems. Give two or three examples of who might be in each community.
4. What is the definition of security? How is a secure state usually achieved?
5. List and describe the specialized areas of security.
6. What is the definition of information security? What essential protections must be in place to protect information systems from danger?
7. What is the C.I.A. triangle? Define each of its component parts.
8. Why is the C.I.A. triangle significant? Is it widely referenced?
9. Describe the CNSS security model. What are its three dimensions?
10. What is the definition of privacy as it relates to information security? How is this definition of privacy different from the everyday definition? Why is this difference significant?
11. Define the InfoSec processes of identification, authentication, authorization, and accountability.
12. Are leadership and management similar? How are they different?
13. What are the three types of general planning? Define each.
14. List and describe the four categories of control tools.
15. Exercises
1. Using a Web browser and search engine, find the Web site of the Committee on National Security Systems (CNSS), formerly the National Security Telecommunications and Information Systems Security Committee (NSTISSC). Locate the documentation library and browse the index. When was the site last updated? Which one or two documents would be of most interest to you now?
2. Consider the information stored on your personal computer. Do you, at this moment, have information stored in your computer that is critical to your personal life? If that information became compromised or lost, what effect would it have on you?