CHAPTER 1 INTRODUCTION TO INFORMATION SECURITY

1. 7 critical characteristics of informations

1.1. 1. Availability

1.2. 2. Accuracy

1.3. 3. Authenticity

1.4. 4.Confidentiality

1.5. 5. Integrity

1.6. 6. Utility

1.7. 7. Possession

2. 6 Components of info system

2.1. 1. Hardware

2.2. 2. Software

2.3. 3. People

2.4. 4. Database

2.5. 5. Procedure

2.6. 6. Network

3. Approaches to info system implementation

3.1. 1. Top-down

3.2. 2. Bottom-down

4. Why is methodology imp in info security?

4.1. 1. ensures development is structured in an orderly manner

4.2. 2. employees can follow the steps, eliminate mistakes

4.3. 3. increase probability of success

5. The Security system Development Life Cycle

5.1. Step 1: Investigation

5.2. Step 2: Analysis

5.3. Step 3: Logical Design

5.4. Step 4: Physical Design

5.5. Step 5: Implementation

5.6. Step 6: Maintenance and Change

6. Information Security Project Team

6.1. 1. Champion

6.2. 2. Team Leader

6.3. 3. Security Policy Developers

6.4. 4. Risk Assessment Specialist

6.5. 5. Security Professionals

6.6. 6. System Administrators

6.7. 7. End Users

7. What is security?

7.1. The quality or state of being secured, to be free from danger

8. 6 Layers of security a successful org should implement (NOICPP)

8.1. 1. Network

8.2. 2. Operation

8.3. 3. Information

8.4. 4. Communication

8.5. 5. Personal

8.6. 6. Physical

9. 5 essential tools a company should use to achieve security

9.1. 1. Policy

9.2. 2. Awarewness

9.3. 3. Training

9.4. 4. Educations

9.5. 5. Technology

10. 3 components of the CIA triangle

10.1. 1. Confidentiality

10.2. 2. Integrity

10.3. 3. Availabilty

11. Not possible to achieve perfect security

11.1. Security should be considered a balance between protection and availability

12. Members involve in security system development

12.1. Upper Management

13. Senior Management

13.1. Chief Information Officer (CIO)

13.2. Chief Information Security Officer (CISO)