Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Information Security

Chapter 1:

advertisement 
Chapter 1:
Definition of Information Security
C.I.A triangle: confidentiality, integrity, availability
NSTISSC model
Components of an information system
Top-down and bottom-up approach.
Security personnels: CIO, CISO, champion
SecSDLC: based on waterfall model, phases
Data ownership
Access control:
Terms: threat, vulnerability, risk, single sign on (SSO)
Different types of access control:
--preventative, detective, corrective, recovery,
--administrative, logical/technical, physical
--Security in depth
The process of accountability: identification, authentication, authorization, auditing and
accountability
Three types of authentication factors: sth you know, sth you have, sth you are (be able to
give example for each one)
Two factor authentication and strong authentication
Understand the weakness of password mechanism and what measures you can take to
make the mechanism more secure.
Biometric: three types of rates, relationship between rates and sensitivity level,
relationship between accuracy/effectiveness and acceptance
Token
Access control models: discretionary, …
Information classification and security clearance level
Centralized and decentralized access control, know the fact that RADIUS and TACTCS
are both examples of centralized access control, and decentralized access control are
normally based on domains
Some security principles: need to know, least privilege, separation of duties, avoid
“security through obscurity”
Security models: Bell-lapudula model, Biba model, non-inference model, Chinese wall
model
Related documents
旅游2
旅游2
CS 2813 - Loyola College
CS 2813 - Loyola College
CCNA Security - Skill Exam 2012
CCNA Security - Skill Exam 2012
Chapter 11 HW
Chapter 11 HW
Lesson Fifteen The Damned Human Race
Lesson Fifteen The Damned Human Race
Ju Ching Chu Secondary School
Ju Ching Chu Secondary School
Your Name
Your Name
Part I
Part I
Proverbs and Idiomatic Expressions
Proverbs and Idiomatic Expressions
中考复习探讨怎样写好书面表达
中考复习探讨怎样写好书面表达
LIST OF SOME COMMON WORDS AND THEIR SYNONYMS
LIST OF SOME COMMON WORDS AND THEIR SYNONYMS
Table for control objective DS5
Table for control objective DS5
ABSTRACT THESIS: STUDENT: DEGREE:
ABSTRACT THESIS: STUDENT: DEGREE:
Powerpoint
Powerpoint
Qualifier Exam in Information Security Spring 2010
Qualifier Exam in Information Security Spring 2010
Model for information security planning
Model for information security planning
The Australian National Electronic Authentication Council's News
The Australian National Electronic Authentication Council's News
Please click on the link to
Please click on the link to
Position Summary: Authentication Confidences Gregory R. Ganger Carnegie Mellon University
Position Summary: Authentication Confidences Gregory R. Ganger Carnegie Mellon University
Lecture 7, Part 2
Lecture 7, Part 2
USC CSci530 Computer Security Systems Lecture notes * Spring
USC CSci530 Computer Security Systems Lecture notes * Spring
Grammar-prepositions of place and directions
Grammar-prepositions of place and directions
Download
advertisement