Cis Studyguide

Topics: Information security, Security, Risk management Pages: 5 (1150 words) Published: February 5, 2013
Overview of the Info Security (3 MC, 2 S/A, 1LA)
1. Recognize the importance of information technology and understand who is responsible for protecting an organization’s information assets
2. Know and understand the definition and key characteristics of information security
3. Know and understand the definition and key characteristics of leadership and management
4. Recognize the characteristics that differentiate information security management from general management

Concepts:

Information security (InfoSec) is the protection of information and its critical elements, including the systems and hardware that use, store, and transmit that information. Figure 1-1 shows that information security includes the broad areas of information security management (the topic of this book), computer and data security, and network security. At the heart of the study of information security is the concept of policy (discussed in detail in Chapter 4). Policy, awareness, training, education, and technology are vital concepts for the protection of information and for keeping information systems from danger.

* Business Mgmt Professionals: Orgzn and Info Sec strategy, policy and resources ($$)
* I.T. Mgmt: support business objectives w/ appropriate information technology (HW, SW, NW, interfaces)
* InfoSec Mgmt: provide technical protective environment for critical assets from threats / exploits, disruptions

Communities of Interest

* InfoSec community: protects the organization’s information assets from the threats they face.
* IT community: supports the business objectives of the organization by supplying and supporting information technology appropriate to the business’ needs.
* Non-technical general business community: articulates and communicates organizational policy and objectives and allocates resources to the other groups.

Information Technology (I.T.)
= tangible HW, SW, DBs, NW, technologies used to support / build Info Systems (data / info processing)
= technological components to support / facilitate System Interfaces / comm

Information Systems (I.S.)

= Specific organizational applications, specialized Sub-Systems Supported by different tangible technologies (I.T.)

Technological “Infrastructure”
= specific technologies that support an Organization, NW, Info Systems
= basic electronic, mechanical, social, political, etc. support systems
= provides fundamental support structure for a system / organization / network
= specifies how all I.T. and I.S. are connected

Technological “Architecture”
Overall “Logical”, “Conceptual Design” of NW …that supports exchange of data + info
= Overview of the I.S. NW, Telecomm (T/C) System, and E-Commerce environments (B2B, B2C, C2C)
- shows interrelations of Tech components
- how components interface + FUNCTION
- outlines how Orgnzn functions + flexibility to meet future requirements …..”scalability”

- Computer Architecture
- Software Architecture
- Network Architecture

Info Security Safeguards, IT Controls (Part 1)

* Please describe two instances of each category
*** Most strategic uses for encryption ***
1. to secure info during transmission
2. to secure stored information /data

* ACCESS CONTROL (Firewalls, Passwords, Intrusion Detection Systems)
* Cyber Warfare (Honeypots, Honeynets, Darknets)

* Describe two techniques

* We need to know the hash characteristics because it's going to be in the exam. (IMPORTANT)

In the exam, mention 2 of these 7 assumptions
7 Info Security and ROI Dilemmas
1. Companies focus more on Capital expenditures that directly affect revenue
   believe Info Sec investments shift focus away from profit / growth
2. Top mgmt often doesn’t understand Impact of info security breaches on...