SlideShare a Scribd company logo

Testing

L
lorenceman
Education
1 of 32
Cyber Security Principles for Managers Module 1 MIS 645
Course Outline ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Basic Security Principles ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Interrelationships of elements People Technology Operation Training & Awareness Security Admin. Personal Security Physical Security Risk Management Auditing and Monitoring Incident & Response Contingency & Recovery
Security Management Practices ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Management Concepts ,[object Object],[object Object],[object Object]
[object Object],[object Object],[object Object],Management Concepts
[object Object],[object Object],[object Object],[object Object],[object Object],Management Concepts
[object Object],[object Object],[object Object],[object Object],Management Concepts
Information Classification ,[object Object],[object Object],[object Object]
Objectives ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Concepts ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Concepts ,[object Object],[object Object],[object Object],[object Object],[object Object]
Classification Criteria ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Distribution of Classified Information ,[object Object],[object Object],[object Object],[object Object]
Classification Roles ,[object Object],[object Object],[object Object],[object Object]
Roles-continued ,[object Object],[object Object],[object Object],[object Object]
Roles-continued ,[object Object],[object Object],[object Object],[object Object]
Security Policy ,[object Object],[object Object],[object Object]
Policies ,[object Object],[object Object],[object Object],[object Object]
Policies ,[object Object],[object Object],[object Object]
Policies ,[object Object],[object Object],[object Object],[object Object]
Standards, Guidelines and Procedures ,[object Object],[object Object],[object Object],[object Object]
Roles and Responsibilities Examines security Auditor Performs tasks in accordance with the stated policies User/Operator Preserves the information’s Confidentiality,Integrity, Availability Custodian Determines the data classification Owner Functional responsibility for security Information Security Officer Ultimate responsibility for security Senior Manager Responsibility Role
Risk Management ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Terms in Risk Analysis ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Risk Analysis ,[object Object],[object Object],[object Object],[object Object]
Types of threats ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Risk Analysis Results ,[object Object],[object Object],[object Object],[object Object],[object Object]
Safeguard Selection Criteria ,[object Object],[object Object],[object Object],[object Object],[object Object]
Safeguard Selection Criteria ,[object Object],[object Object],[object Object],[object Object],[object Object]
Security Awareness ,[object Object],[object Object],[object Object],[object Object],[object Object]

Recommended

Domain 1 - Security and Risk Management
Domain 1 - Security and Risk ManagementDomain 1 - Security and Risk Management
Domain 1 - Security and Risk ManagementMaganathin Veeraragaloo
 
Information security policy_2011
Information security policy_2011Information security policy_2011
Information security policy_2011codka
 
Business case for enterprise continuity planning
Business case for enterprise continuity planningBusiness case for enterprise continuity planning
Business case for enterprise continuity planningWilliam Godwin
 
Information classification
Information classificationInformation classification
Information classificationJyothsna Sridhar
 
Implementing security
Implementing securityImplementing security
Implementing securityDhani Ahmad
 
Ch2 cism 2014
Ch2 cism 2014Ch2 cism 2014
Ch2 cism 2014Aladdin Dandis
 
Iso 27001 Checklist
Iso 27001 ChecklistIso 27001 Checklist
Iso 27001 ChecklistCraig Willetts ISO Expert
 
Security Policies and Standards
Security Policies and StandardsSecurity Policies and Standards
Security Policies and Standardsprimeteacher32
 

Recommended

Domain 1 - Security and Risk Management
Domain 1 - Security and Risk ManagementDomain 1 - Security and Risk Management
Domain 1 - Security and Risk ManagementMaganathin Veeraragaloo
 
Information security policy_2011
Information security policy_2011Information security policy_2011
Information security policy_2011codka
 
Business case for enterprise continuity planning
Business case for enterprise continuity planningBusiness case for enterprise continuity planning
Business case for enterprise continuity planningWilliam Godwin
 
Information classification
Information classificationInformation classification
Information classificationJyothsna Sridhar
 
Implementing security
Implementing securityImplementing security
Implementing securityDhani Ahmad
 
Ch2 cism 2014
Ch2 cism 2014Ch2 cism 2014
Ch2 cism 2014Aladdin Dandis
 
Iso 27001 Checklist
Iso 27001 ChecklistIso 27001 Checklist
Iso 27001 ChecklistCraig Willetts ISO Expert
 
Security Policies and Standards
Security Policies and StandardsSecurity Policies and Standards
Security Policies and Standardsprimeteacher32
 
Ch4 cism 2014
Ch4 cism 2014Ch4 cism 2014
Ch4 cism 2014Aladdin Dandis
 
Module 2 information security risk management student slides ver 1.0
Module 2 information security risk management student slides ver 1.0Module 2 information security risk management student slides ver 1.0
Module 2 information security risk management student slides ver 1.0Aladdin Dandis
 
Fraudulent Methods for Attacking Bank Networks and Prevention 2014
Fraudulent Methods for Attacking Bank Networks and Prevention 2014Fraudulent Methods for Attacking Bank Networks and Prevention 2014
Fraudulent Methods for Attacking Bank Networks and Prevention 2014Aladdin Dandis
 
it grc
it grc it grc
it grc 9535814851
 
Fix nix, inc
Fix nix, incFix nix, inc
Fix nix, incFixNix Inc.,
 
Ch3 cism 2014
Ch3 cism 2014Ch3 cism 2014
Ch3 cism 2014Aladdin Dandis
 
Practical approach to security risk management
Practical approach to security risk managementPractical approach to security risk management
Practical approach to security risk managementG3 intelligence Ltd
 
Business continuity-plan-template
Business continuity-plan-templateBusiness continuity-plan-template
Business continuity-plan-templateMohamed Owaish
 
Simplifying IT GRC
Simplifying IT GRCSimplifying IT GRC
Simplifying IT GRCanand choudhary
 
Breach response
Breach responseBreach response
Breach responseClaudiu Popa
 
Risk Presentation
Risk Presentation Risk Presentation
Risk Presentation lneut03
 
Risk Assessment Famework
Risk Assessment FameworkRisk Assessment Famework
Risk Assessment Fameworklneut03
 
Information Security Management
Information Security ManagementInformation Security Management
Information Security ManagementEC-Council
 
Convergence innovative integration of security
Convergence innovative integration of securityConvergence innovative integration of security
Convergence innovative integration of securityciso_insights
 
Risk Assessment And Management
Risk Assessment And ManagementRisk Assessment And Management
Risk Assessment And Managementvikasraina
 
Chapter003
Chapter003Chapter003
Chapter003Jeanie Delos Arcos
 
How to write an IT security policy guide - Tareq Hanaysha
How to write an IT security policy guide - Tareq HanayshaHow to write an IT security policy guide - Tareq Hanaysha
How to write an IT security policy guide - Tareq HanayshaHanaysha
 
Cyb 690 cybersecurity program template directions the foll
Cyb 690 cybersecurity program template directions the follCyb 690 cybersecurity program template directions the foll
Cyb 690 cybersecurity program template directions the follAISHA232980
 
The Significance of IT Security Management & Risk Assessment
The Significance of IT Security Management & Risk AssessmentThe Significance of IT Security Management & Risk Assessment
The Significance of IT Security Management & Risk AssessmentBradley Susser
 
Its time to rethink everything a governance risk compliance primer
Its time to rethink everything a governance risk compliance primerIts time to rethink everything a governance risk compliance primer
Its time to rethink everything a governance risk compliance primerEnclaveSecurity
 
Bocconi brochure
Bocconi brochureBocconi brochure
Bocconi brochureUniversita' Bocconi
 
Pg global presentation 21st April 2011docx
Pg global presentation 21st April 2011docxPg global presentation 21st April 2011docx
Pg global presentation 21st April 2011docxPG Global Oil, Gas & Energy Specialists
 

More Related Content

What's hot

Module 2 information security risk management student slides ver 1.0
Module 2 information security risk management student slides ver 1.0Module 2 information security risk management student slides ver 1.0
Module 2 information security risk management student slides ver 1.0Aladdin Dandis
 
Fraudulent Methods for Attacking Bank Networks and Prevention 2014
Fraudulent Methods for Attacking Bank Networks and Prevention 2014Fraudulent Methods for Attacking Bank Networks and Prevention 2014
Fraudulent Methods for Attacking Bank Networks and Prevention 2014Aladdin Dandis
 
Practical approach to security risk management
Practical approach to security risk managementPractical approach to security risk management
Practical approach to security risk managementG3 intelligence Ltd
 
Business continuity-plan-template
Business continuity-plan-templateBusiness continuity-plan-template
Business continuity-plan-templateMohamed Owaish
 
Risk Presentation
Risk Presentation Risk Presentation
Risk Presentation lneut03
 
Risk Assessment Famework
Risk Assessment FameworkRisk Assessment Famework
Risk Assessment Fameworklneut03
 
Information Security Management
Information Security ManagementInformation Security Management
Information Security ManagementEC-Council
 
Convergence innovative integration of security
Convergence innovative integration of securityConvergence innovative integration of security
Convergence innovative integration of securityciso_insights
 
Risk Assessment And Management
Risk Assessment And ManagementRisk Assessment And Management
Risk Assessment And Managementvikasraina
 
How to write an IT security policy guide - Tareq Hanaysha
How to write an IT security policy guide - Tareq HanayshaHow to write an IT security policy guide - Tareq Hanaysha
How to write an IT security policy guide - Tareq HanayshaHanaysha
 
Cyb 690 cybersecurity program template directions the foll
Cyb 690 cybersecurity program template directions the follCyb 690 cybersecurity program template directions the foll
Cyb 690 cybersecurity program template directions the follAISHA232980
 
The Significance of IT Security Management & Risk Assessment
The Significance of IT Security Management & Risk AssessmentThe Significance of IT Security Management & Risk Assessment
The Significance of IT Security Management & Risk AssessmentBradley Susser
 
Its time to rethink everything a governance risk compliance primer
Its time to rethink everything a governance risk compliance primerIts time to rethink everything a governance risk compliance primer
Its time to rethink everything a governance risk compliance primerEnclaveSecurity
 

What's hot (20)

Ch4 cism 2014
Ch4 cism 2014Ch4 cism 2014
Ch4 cism 2014
 
Module 2 information security risk management student slides ver 1.0
Module 2 information security risk management student slides ver 1.0Module 2 information security risk management student slides ver 1.0
Module 2 information security risk management student slides ver 1.0
 
Fraudulent Methods for Attacking Bank Networks and Prevention 2014
Fraudulent Methods for Attacking Bank Networks and Prevention 2014Fraudulent Methods for Attacking Bank Networks and Prevention 2014
Fraudulent Methods for Attacking Bank Networks and Prevention 2014
 
it grc
it grc it grc
it grc
 
Fix nix, inc
Fix nix, incFix nix, inc
Fix nix, inc
 
Ch3 cism 2014
Ch3 cism 2014Ch3 cism 2014
Ch3 cism 2014
 
Practical approach to security risk management
Practical approach to security risk managementPractical approach to security risk management
Practical approach to security risk management
 
Business continuity-plan-template
Business continuity-plan-templateBusiness continuity-plan-template
Business continuity-plan-template
 
Simplifying IT GRC
Simplifying IT GRCSimplifying IT GRC
Simplifying IT GRC
 
Breach response
Breach responseBreach response
Breach response
 
Risk Presentation
Risk Presentation Risk Presentation
Risk Presentation
 
Risk Assessment Famework
Risk Assessment FameworkRisk Assessment Famework
Risk Assessment Famework
 
Information Security Management
Information Security ManagementInformation Security Management
Information Security Management
 
Convergence innovative integration of security
Convergence innovative integration of securityConvergence innovative integration of security
Convergence innovative integration of security
 
Risk Assessment And Management
Risk Assessment And ManagementRisk Assessment And Management
Risk Assessment And Management
 
Chapter003
Chapter003Chapter003
Chapter003
 
How to write an IT security policy guide - Tareq Hanaysha
How to write an IT security policy guide - Tareq HanayshaHow to write an IT security policy guide - Tareq Hanaysha
How to write an IT security policy guide - Tareq Hanaysha
 
Cyb 690 cybersecurity program template directions the foll
Cyb 690 cybersecurity program template directions the follCyb 690 cybersecurity program template directions the foll
Cyb 690 cybersecurity program template directions the foll
 
The Significance of IT Security Management & Risk Assessment
The Significance of IT Security Management & Risk AssessmentThe Significance of IT Security Management & Risk Assessment
The Significance of IT Security Management & Risk Assessment
 
Its time to rethink everything a governance risk compliance primer
Its time to rethink everything a governance risk compliance primerIts time to rethink everything a governance risk compliance primer
Its time to rethink everything a governance risk compliance primer
 

Viewers also liked

Viewers also liked (7)

Bocconi brochure
Bocconi brochureBocconi brochure
Bocconi brochure
 
Pg global presentation 21st April 2011docx
Pg global presentation 21st April 2011docxPg global presentation 21st April 2011docx
Pg global presentation 21st April 2011docx
 
Presentation
PresentationPresentation
Presentation
 
Dok3
Dok3Dok3
Dok3
 
A&O Overview
A&O OverviewA&O Overview
A&O Overview
 
Presentation
PresentationPresentation
Presentation
 
Gp July 2012
Gp July 2012Gp July 2012
Gp July 2012
 

Similar to Testing

D1 security and risk management v1.62
D1 security and risk management v1.62D1 security and risk management v1.62
D1 security and risk management v1.62AlliedConSapCourses
 
Dancyrityshy 1foundatioieh
Dancyrityshy 1foundatioiehDancyrityshy 1foundatioieh
Dancyrityshy 1foundatioiehAnne Starr
 
For our discussion question, we focus on recent trends in security t.pdf
For our discussion question, we focus on recent trends in security t.pdfFor our discussion question, we focus on recent trends in security t.pdf
For our discussion question, we focus on recent trends in security t.pdfalokkesh
 
Security Management Practices
Security Management PracticesSecurity Management Practices
Security Management Practicesamiable_indian
 
Information Security Governance and Strategy - 3
Information Security Governance and Strategy - 3Information Security Governance and Strategy - 3
Information Security Governance and Strategy - 3Dam Frank
 
Information Security Background
Information Security BackgroundInformation Security Background
Information Security BackgroundNicholas Davis
 
Information security background
Information security backgroundInformation security background
Information security backgroundNicholas Davis
 
A to Z of Information Security Management
A to Z of Information Security ManagementA to Z of Information Security Management
A to Z of Information Security ManagementMark Conway
 
Importance of Information Security and Goals for Preventing Data Breaches
Importance of Information Security and Goals for Preventing Data Breaches Importance of Information Security and Goals for Preventing Data Breaches
Importance of Information Security and Goals for Preventing Data Breacheskimsrung lov
 
Rothke Patchlink
Rothke PatchlinkRothke Patchlink
Rothke PatchlinkBen Rothke
 
2009 iapp-the corpprivacydeptmar13-2009
2009 iapp-the corpprivacydeptmar13-20092009 iapp-the corpprivacydeptmar13-2009
2009 iapp-the corpprivacydeptmar13-2009asundaram1
 
Business case for information security program
Business case for information security programBusiness case for information security program
Business case for information security programWilliam Godwin
 
Business case for Information Security program
Business case for Information Security programBusiness case for Information Security program
Business case for Information Security programWilliam Godwin
 
Proactive information security michael
Proactive information security michael Proactive information security michael
Proactive information security michael Priyanka Aash
 
Business information security requirements
Business information security requirementsBusiness information security requirements
Business information security requirementsgurneyhal
 
ISMS End-User Training Presentation.pptx
ISMS End-User Training Presentation.pptxISMS End-User Training Presentation.pptx
ISMS End-User Training Presentation.pptxcomstarndt
 
ISO 27701 Essentials: Building a Robust Privacy Management System
ISO 27701 Essentials: Building a Robust Privacy Management SystemISO 27701 Essentials: Building a Robust Privacy Management System
ISO 27701 Essentials: Building a Robust Privacy Management SystemShyamMishra72
 
Introduction to Network Security
Introduction to Network SecurityIntroduction to Network Security
Introduction to Network SecurityJohn Ely Masculino
 

Similar to Testing (20)

D1 security and risk management v1.62
D1 security and risk management v1.62D1 security and risk management v1.62
D1 security and risk management v1.62
 
Cissp Study notes.pdf
Cissp Study notes.pdfCissp Study notes.pdf
Cissp Study notes.pdf
 
Notes prep guide
Notes prep guideNotes prep guide
Notes prep guide
 
Dancyrityshy 1foundatioieh
Dancyrityshy 1foundatioiehDancyrityshy 1foundatioieh
Dancyrityshy 1foundatioieh
 
For our discussion question, we focus on recent trends in security t.pdf
For our discussion question, we focus on recent trends in security t.pdfFor our discussion question, we focus on recent trends in security t.pdf
For our discussion question, we focus on recent trends in security t.pdf
 
Security Management Practices
Security Management PracticesSecurity Management Practices
Security Management Practices
 
Information Security Governance and Strategy - 3
Information Security Governance and Strategy - 3Information Security Governance and Strategy - 3
Information Security Governance and Strategy - 3
 
Information Security Background
Information Security BackgroundInformation Security Background
Information Security Background
 
Information security background
Information security backgroundInformation security background
Information security background
 
A to Z of Information Security Management
A to Z of Information Security ManagementA to Z of Information Security Management
A to Z of Information Security Management
 
Importance of Information Security and Goals for Preventing Data Breaches
Importance of Information Security and Goals for Preventing Data Breaches Importance of Information Security and Goals for Preventing Data Breaches
Importance of Information Security and Goals for Preventing Data Breaches
 
Rothke Patchlink
Rothke PatchlinkRothke Patchlink
Rothke Patchlink
 
2009 iapp-the corpprivacydeptmar13-2009
2009 iapp-the corpprivacydeptmar13-20092009 iapp-the corpprivacydeptmar13-2009
2009 iapp-the corpprivacydeptmar13-2009
 
Business case for information security program
Business case for information security programBusiness case for information security program
Business case for information security program
 
Business case for Information Security program
Business case for Information Security programBusiness case for Information Security program
Business case for Information Security program
 
Proactive information security michael
Proactive information security michael Proactive information security michael
Proactive information security michael
 
Business information security requirements
Business information security requirementsBusiness information security requirements
Business information security requirements
 
ISMS End-User Training Presentation.pptx
ISMS End-User Training Presentation.pptxISMS End-User Training Presentation.pptx
ISMS End-User Training Presentation.pptx
 
ISO 27701 Essentials: Building a Robust Privacy Management System
ISO 27701 Essentials: Building a Robust Privacy Management SystemISO 27701 Essentials: Building a Robust Privacy Management System
ISO 27701 Essentials: Building a Robust Privacy Management System
 
Introduction to Network Security
Introduction to Network SecurityIntroduction to Network Security
Introduction to Network Security
 

Recently uploaded

Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Disha Kariya
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxAreebaZafar22
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.christianmathematics
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityGeoBlogs
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeThiyagu K
 
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin ClassesMixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin ClassesCeline George
 
Making and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdfMaking and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdfChris Hunter
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfagholdier
 
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...Shubhangi Sonawane
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17Celine George
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfciinovamais
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxDenish Jangid
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdfQucHHunhnh
 
Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxnegromaestrong
 
Unit-IV; Professional Sales Representative (PSR).pptx
Unit-IV; Professional Sales Representative (PSR).pptxUnit-IV; Professional Sales Representative (PSR).pptx
Unit-IV; Professional Sales Representative (PSR).pptxVishalSingh1417
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingTechSoup
 

Recently uploaded (20)

Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptx
 
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 
Advance Mobile Application Development class 07
Advance Mobile Application Development class 07Advance Mobile Application Development class 07
Advance Mobile Application Development class 07
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
 
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin ClassesMixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
 
Making and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdfMaking and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdf
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
 
Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptx
 
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 
Unit-IV; Professional Sales Representative (PSR).pptx
Unit-IV; Professional Sales Representative (PSR).pptxUnit-IV; Professional Sales Representative (PSR).pptx
Unit-IV; Professional Sales Representative (PSR).pptx
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 

Testing

  • 1. Cyber Security Principles for Managers Module 1 MIS 645
  • 2.
  • 3.
  • 4. Interrelationships of elements People Technology Operation Training & Awareness Security Admin. Personal Security Physical Security Risk Management Auditing and Monitoring Incident & Response Contingency & Recovery
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
  • 14.
  • 15.
  • 16.
  • 17.
  • 18.
  • 19.
  • 20.
  • 21.
  • 22.
  • 23.
  • 24. Roles and Responsibilities Examines security Auditor Performs tasks in accordance with the stated policies User/Operator Preserves the information’s Confidentiality,Integrity, Availability Custodian Determines the data classification Owner Functional responsibility for security Information Security Officer Ultimate responsibility for security Senior Manager Responsibility Role
  • 25.
  • 26.
  • 27.
  • 28.
  • 29.
  • 30.
  • 31.
  • 32.

Editor's Notes

  1. These three will be talked about throughout the course. Referred to as the InfoSec Triad, C.I. A. Confidentiality attempts to prevent the intentional or unintentional unauthorized disclosure of a messages contents. Loss of confidentiality can occur in many ways, intentional release of private company information or through misapplication of network user rights. Integrity ensures that: modifications are not made to data by unauthorized personnel or processes. Unauthorized modifications are not made to data by authorized personnel of processes, the data are internally and externally consistent among all sub-entities and that the internal information is consistent with the real world, external situation Availability ensures the reliable and timely access to data or computing resources by the appropriate personnel. Availability guarantees that the systems are up and running when they are needed. D.A.D is the opposite of C.I.A. Disclosure, alteration, and destruction.
  2. Loss of confidentiality can occur in many ways, intentional release of private company information or through misapplication of network user rights. the data are internally and externally consistent among all sub-entities and that the internal information is consistent with the real world, external situation Availability guarantees that the systems are up and running when they are needed
  3. Unclassified: Public release of this information does not violate any confidence. Sensitive but unclassified, test answers, health care information. Confidential: the unauthorized disclosure of this information could cause some damage Secret: unauthorized disclosure of this information could cause serious damage Top Secret:Could cause exceptionally grave damage (presidential level information)
  4. An asset is a resource, process, product, computing infrastructure that must be protected. Threat is the occurrence of any event that causes an undesirable impact on the enterprise. Vulnerability is the spot where there is a weakness or the absence of a safeguard. Safeguard is a control or countermeasure used to reduce the risk of a given threat. Exposure factor represents the percentage of loss a realized threat would have on a specific asset. Single Loss Expectancy is the dollar amount assigned to a single event. The asset value times the Exposure Factor. Annualized rate of occurrence is the number that represents the estimated frequency in which a threat is expected to occur. Deriving this number can be tricky. A meteor hitting the site may only happen once in 100,000 years so the ARO would be .00001. But users attempting to access unauthorized data could happen 6 times a year, if you had 100 operators then the ARO would be 600. Annualized Loss Expectancy is a dollar value calculated from the single loss expectancy times ARO
  5. Recovery Ability: Reset after using safeguard: no asset destruction during activation or reset no covert channel access to or through the control during reset no security loss or increase in exposure after activation or reset defaults to a state that does not enable any operator access or rights until the controls are fully operational