1. 3. Risk Management
1.1. Information Risk Management (IRM)
1.2. Type of Risk to IT
1.2.1. Physical darmage
1.2.2. Human interaction
1.2.3. Equipment malfunction
1.2.4. Inside and Outside attacks
1.2.5. Misuse of data
1.2.6. Loss of Data
1.2.7. Application error
1.3. Information Risk Management Plan
1.4. IRM Policy
1.5. IRM Policy Components
1.6. IRM Team's Goal
1.7. Key that make the goal accomplished
1.8. Risk Analysis
1.8.1. Risk Analysis Process
1.8.1.1. Steps of Risk Analysis
1.8.1.1.1. Assign Value to Assets
1.8.1.1.2. Estimate Potential Loss per Threat
1.8.1.1.3. Perform a threat Analysis
1.8.1.1.4. Derive the Overall Loss Potential per Threat
1.8.1.1.5. Management Risks
1.8.2. Risk Analysis Methodology
1.8.2.1. Quantitative Risk Analysis
1.8.2.2. Qualitative Risk Analysis
1.8.3. Results of Risk Analysis
2. 2. Authentications
2.1. Authentication Basics
2.1.1. Authentication Process
2.2. Passwords
2.2.1. Password guessing
2.2.1.1. Dictionary attack
2.2.1.2. Random selection of password
2.2.2. Password aging
2.2.3. One-time password
2.3. Biometrics
2.3.1. Fingerprints
2.3.2. Voices
2.3.3. Eyes
2.3.4. Faces
2.3.5. Keystrokes
2.3.6. Combinations
2.4. Multiple methods
3. 1. Security
3.1. Physical Security
3.2. Communication Security
3.3. Computer Security
3.4. Network Security
3.5. Information Security
3.5.1. Security Concepts
3.5.2. security Properties
3.5.2.1. Confidentiality
3.5.2.2. Integrity
3.5.2.3. Availability
3.5.2.4. Consistency
3.5.2.5. Auditability
3.5.2.6. Control
3.5.2.7. Authentication
3.5.2.8. Non-repudiation
3.5.3. Security Methodology
3.5.3.1. Five steps to better security
3.5.3.1.1. assets
3.5.3.1.2. risks
3.5.3.1.3. Protections
3.5.3.1.4. Tools
3.5.3.1.5. Priorities
3.5.4. Information Enermies
3.5.4.1. Threat
3.5.4.2. Attack
3.5.4.2.1. Passive Attacks
3.5.4.2.2. Active Attacks
3.5.4.3. SYS flood
3.5.4.4. Compromised-Key Attack
3.5.4.5. Sniffer Attack
3.5.4.6. Application-Layer Attack
3.5.4.6.1. Security Related Terms
3.5.4.6.2. Vulnerabilities and Exploits
3.5.4.6.3. Threats