Nội dung

Lecture 29 Information Security erview e CIA curity Governance Policies, Procedures, etc. Organizational Structures Roles and Responsibilities ormation Classification sk Management e CIA: Information Security Principles nfidentiality Allowing only authorized subjects access to information egrity Allowing only authorized subjects to modify information ailability Ensuring that information and resources are accessible when needed verse CIA nfidentiality Preventing unauthorized subjects from acces information egrity Preventing unauthorized subjects from modif information ailability Preventing information and resources from b inaccessible when needed ng the CIA ink in terms of the core information curity principles ow does this threat impact the CIA? hat controls can be used to reduce the r CIA? we increase confidentiality, will we crease availability? urity Governance curity Governance is the organizational ocesses and relationships for managing Policies, Procedures, Standards, Guidelines, Baselines Organizational Structures Roles and Responsibilities icy Mapping Laws, Regulations, Requirements, Organizational Goals, Objectives General Organizational Policies Functional Policies icies licies are statements of management entions and goals nior Management support and approva al to success neral, high-level objectives ceptable use, internet access, logging, ormation security, etc cedures ocedures are detailed steps to perform ecific task ually required by policy commissioning resources, adding user counts, deleting user accounts, change anagement, etc ndards andards specify the use of specific chnologies in a uniform manner quires uniformity throughout the ganization perating systems, applications, server to uter configurations, etc