CHAPTER 1 INTRODUCTION TO INFORMATION SECURITY

Intro to info security


1. What is security?

1.1. The quality or state of being secured, to be free from danger

2. 6 Layers of security a successful org should implement (NOICPP)

2.1. 1. Network

2.2. 2. Operation

2.3. 3. Information

2.4. 4. Communication

2.5. 5. Personal

2.6. 6. Physical

3. 3 components of the CIA triangle

3.1. 1. Confidentiality

3.2. 2. Integrity

3.3. 3. Availability

4. 5 essential tools a company should use to achieve security

4.1. 1. Policy

4.2. 2. Awareness

4.3. 3. Training

4.4. 4. Education

4.5. 5. Technology

5. 7 critical characteristics of information

5.1. 1. Availability

5.2. 2. Accuracy

5.3. 3. Authenticity

5.4. 4. Confidentiality

5.5. 5. Integrity

5.6. 6. Utility

5.7. 7. Possession

6. 6 Components of info system

6.1. 1. Hardware

6.2. 2. Software

6.3. 3. People

6.4. 4. Database

6.5. 5. Procedure

6.6. 6. Network

7. Not possible to achieve perfect security

7.1. Security should be considered a balance between protection and availability

8. Approaches to info system implementation

8.1. 1. Top-down

8.2. 2. Bottom-up

9. Why is methodology important in info security?

9.1. 1. ensures development is structured in an orderly manner

9.2. 2. employees can follow the steps, eliminate mistakes

9.3. 3. increase probability of success

10. Members involved in security system development

10.1. Upper Management

11. The Security System Development Life Cycle

11.1. Step 1: Investigation

11.2. Step 2: Analysis

11.3. Step 3: Logical Design

11.4. Step 4: Physical Design

11.5. Step 5: Implementation

11.6. Step 6: Maintenance and Change

12. Senior Management

12.1. Chief Information Officer (CIO)

12.2. Chief Information Security Officer (CISO)

13. Information Security Project Team

13.1. 1. Champion

13.2. 2. Team Leader

13.3. 3. Security Policy Developers

13.4. 4. Risk Assessment Specialist

13.5. 5. Security Professionals

13.6. 6. System Administrators

13.7. 7. End Users