UNIT I - Information Security Overview
The rapid growth of information technology is also increasing the risk
of information breaches, which calls for a strategy to protect
information in a systematic way. Organizations must develop
and implement a complete strategy to ensure protection from security
risks and safeguard confidential data.
Information Security is the strategic implementation of tools and strategies
to secure personal information against unauthorized access, including
unlawful activities, disruption, diminishing, or inspection.
History: Information security as a science in and of itself is relatively new. However, the
practice of securing information has been around for as long as people have needed to keep
secrets. Some notable attempts in the ancient world to hide information were simply clever means
of concealment. For instance, the ancient Greeks are thought to have tattooed messages on the
scalps of slaves who subsequently grew out their hair to cover the message. The slaves were then
sent to the intended recipient and would have their heads shaved to reveal the secret. Leonardo
da Vinci is famous for writing backward in his notebooks using a mirror to make it difficult for others
to know what he was writing.
Information Security – An Overview
Information Security (sometimes known as InfoSec) covers the methods
and techniques companies use to safeguard information. This often consists
of various tools that organizations use to protect data by setting policies
that stop unauthorized people from gaining access to business or
confidential information. Information Security is a vast and developing
field that spans a broad range of areas, from network and
system security to checking and inspection.
Therefore, information security can be considered a foundation
whose goal is to build security tools and policies and to ensure the safety of
confidential data such as cognitive data and financial details. (Cognitive
data capture uses artificial intelligence (AI) to mimic the way the human
mind reads structured documents.)
Data classification is a major constituent of setting up an InfoSec
strategy. What is data classification in information security? It is the
categorization of data based on its level of vulnerability (sensitivity) and
the effect on the organization should that data be disclosed, changed,
or diminished without authorization. Data classification aids in choosing
suitable baseline security procedures to secure that data.
Principles of Information Security
InfoSec is primarily based on 3 building blocks: confidentiality, integrity
and availability (often termed the CIA triad). Let's take a closer look at
what the CIA triad is and how it protects data.
1. Confidentiality
Confidentiality concerns protection against unauthorized disclosure of
information. The goal of the confidentiality principle is to keep sensitive
information private and to ensure that it is visible and available only to
those who are authorized to use it to fulfill their important or institutional
projects.
2. Integrity
The main purpose of the integrity principle is to protect data from being
modified in any unauthorized way. It provides stability and guarantees that
data is correct, authentic, and not modified (addition, deletion, etc.). It
continuously protects data from modification, whether accidental or
malicious.
3. Availability
The primary objective of availability is to ensure that the complete data is
available every time (or at any moment) an authorized person
needs it. This means availability safeguards a system's capacity
to keep technology, software tools, applications, and
data accessible when required for any institutional task or any
institutional worker.
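The integrity principle above can be made concrete with a keyed manifest. The following is an added example, not part of the original notes: it tags each record with HMAC-SHA256 and seals the set of tags, so that addition, deletion and modification are each detected, and a manifest rewritten by someone without the key is rejected. The record names, values and key are constructed for illustration.

```python
import copy
import hashlib
import hmac
import json

# Constructed demo key; a real system would load this from a secret store.
KEY = b"constructed-demo-key"

# Constructed sample records standing in for protected data.
RECORDS = {
    "acct-1001": {"owner": "A. Rao", "balance": 2500},
    "acct-1002": {"owner": "B. Khan", "balance": 910},
    "acct-1003": {"owner": "C. Iyer", "balance": 14300},
}


def canonical_mac(key: bytes, obj) -> str:
    """HMAC-SHA256 over a canonical JSON encoding, so equal content gives equal bytes."""
    data = json.dumps(obj, sort_keys=True, separators=(",", ":")).encode("utf-8")
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def build_manifest(key: bytes, records: dict) -> dict:
    """Tag every record, then seal the full tag set so the record list itself is protected."""
    tags = {rid: canonical_mac(key, [rid, payload]) for rid, payload in records.items()}
    return {"tags": tags, "seal": canonical_mac(key, sorted(tags.items()))}


def verify(key: bytes, records: dict, manifest: dict) -> dict:
    """Compare current records with the manifest and report each kind of change."""
    report = {"manifest_ok": False, "added": [], "deleted": [], "modified": []}
    tags = manifest.get("tags", {})
    expected_seal = canonical_mac(key, sorted(tags.items()))
    # A manifest whose seal does not verify cannot be trusted for any comparison.
    if not hmac.compare_digest(expected_seal, str(manifest.get("seal", ""))):
        return report
    report["manifest_ok"] = True
    report["added"] = sorted(set(records) - set(tags))
    report["deleted"] = sorted(set(tags) - set(records))
    report["modified"] = sorted(
        rid
        for rid in set(records) & set(tags)
        if not hmac.compare_digest(canonical_mac(key, [rid, records[rid]]), tags[rid])
    )
    return report


def tamper_demo() -> dict:
    """Apply one modification, one deletion and one addition, then verify."""
    manifest = build_manifest(KEY, RECORDS)
    changed = copy.deepcopy(RECORDS)
    changed["acct-1001"]["balance"] = 999999                       # modification
    del changed["acct-1003"]                                       # deletion
    changed["acct-1004"] = {"owner": "D. Menon", "balance": 1}     # addition
    return verify(KEY, changed, manifest)


if __name__ == "__main__":
    print(tamper_demo())
```

An unkeyed checksum would catch accidental changes only, because anyone able to edit the data could also recompute the checksum; the key is what covers deliberate modification.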
Types of Information Security
While Information Security can be of numerous types, the most
commonly used in the IT sector include:
• Application Security
• Infrastructure Security
• Cloud Security
• Cryptography
Application Security
Application security is a technique for protecting applications and
programming interfaces (APIs) by stopping and identifying bugs and other
intrusions in your applications. Application security characteristics
include documentation, authorization, encoding, and application
security checking. Organizations can use secure coding practices to
minimize vulnerabilities, scanners to continuously detect new
vulnerabilities, and a Web Application Firewall to protect public applications
from the OWASP Top 10 and other attack vectors.
Infrastructure Security
Infrastructure security covers hardware assets such as computers,
communications systems, and cloud resources. The purpose of
infrastructure security is protection from common cybercrimes as well as
from natural calamities and other accidents. Infrastructure
security also plays a vital role in reducing the risk of damage due to
malfunction.
Cryptography
Cryptography refers to the encryption of data to secure information. It is an
information security technique that uses codes to safeguard
information against cyber risk. To encrypt data, InfoSec teams apply
mathematical concepts and a series of rule-based calculations called
algorithms to alter messages in ways that are difficult to decode or
decrypt.
Cloud Security
Cloud security is close to application and infrastructure security, but
it is mainly focused on cloud-computing or cloud-connected components and
data. Also called cloud computing security, cloud security is a
group of safety measures developed to secure data, apps, and
cloud-based configurations.
Moving further, we'll look at what Information
Security Policies are and why they are important in InfoSec.
Information Security Policy
Enforcing compliance requires organizations to have defined
policies. Policies provide guidance, consistency, and clarity around an
organization’s operations. Similarly, information security policies exist to
set a standard around the use of the organization's information
technology. They usually consist of:
• Data or sets of data that the policy applies to.
• A well-defined list of people or programs having access to the said data.
• Guidelines for setting passwords or passcodes.
• Roles of employees in safeguarding of data.
• A data support and operations plan to ensure data availability.
An effective security policy prevents security threats and the risk of
information disclosure. This makes the system more practical and
worth using. You might come across several different terms when
examining or designing an Information Security Policy. We explain
some of them below:
What is ISMS?
An ISMS (information security management system) represents the
collection of rules and methods that IT and commercial organizations
use to safeguard their information assets against threats and
weaknesses.
What is HTTPS protocol?
Hypertext transfer protocol secure (HTTPS) is the most commonly used
protocol to receive and send data on the internet. HTTPS is encrypted
in order to secure the data being transferred.
What is a network security key?
A network security key is a network password or passcode that is used
to access the local area network (LAN). The key provides a means to
protect the data and establish a secure connection between the client
and the host. You may wonder what a network security key for Wi-Fi is.
It is usually similar to a network security key but used for a wireless
network. It is used to establish a protected connection between the
requesting client and the serving wireless device, such as a router.
What is ISO27001?
ISO27001 is the international standard for information security. An ISMS
uses ISO27001, which helps any group or industry of any size
to secure their information in an organized and cost-effective way.
What is an encrypted email?
An encrypted email is simply an email encrypted with an encryption
protocol, usually S/MIME or PGP/MIME. The public key infrastructure
(PKI) is used to encrypt and decrypt emails.
What makes a good password?
Strong passwords are key in securing data from malicious hackers. An
important aspect of a strong password is length (longer is better). A strong
password also uses a mix of letters (uppercase and lowercase), numbers, and
symbols, with no links to personal data or words from dictionaries.
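The password criteria above can be turned into a check that reports which rule a candidate breaks. This is an added example, not part of the original notes; the minimum length of 12, the tiny word list and the substitution table are assumptions chosen for illustration, since the text only says that longer is better.

```python
import string

# Assumption: the notes give no number, only "longer is better".
MIN_LENGTH = 12

# Constructed sample word list; a real check would use a large dictionary.
WORDLIST = {"password", "welcome", "dragon", "summer", "qwerty", "letmein"}

# Common character substitutions, undone before dictionary matching so that
# "P@ssw0rd" is still recognised as "password".
SUBSTITUTIONS = str.maketrans("013457@$!", "oieastasi")


def normalize(text: str) -> str:
    """Lowercase the text and undo common look-alike substitutions."""
    return text.lower().translate(SUBSTITUTIONS)


def check_password(password: str, personal_facts=()) -> list:
    """Return the list of criteria the password fails; an empty list means it passes."""
    problems = []

    # Length: the first criterion named in the text.
    if len(password) < MIN_LENGTH:
        problems.append("too_short")

    # Mix of uppercase, lowercase, numbers and symbols.
    classes = [
        ("missing_lowercase", string.ascii_lowercase),
        ("missing_uppercase", string.ascii_uppercase),
        ("missing_digit", string.digits),
        ("missing_symbol", string.punctuation),
    ]
    for label, alphabet in classes:
        if not any(ch in alphabet for ch in password):
            problems.append(label)

    # No words from dictionaries, even when disguised with substitutions.
    folded = normalize(password)
    if any(word in folded for word in WORDLIST):
        problems.append("dictionary_word")

    # No links to personal data (name, birth year, pet name, ...).
    # Both sides are normalized the same way so digits still match.
    facts = [normalize(f) for f in personal_facts if len(f) >= 3]
    if any(fact in folded for fact in facts):
        problems.append("personal_data")

    return problems


if __name__ == "__main__":
    # Constructed candidates for illustration.
    for candidate, facts in [
        ("P@ssw0rd2024!", ()),
        ("Alice1990!xyzQ", ("Alice", "1990")),
        ("short1A!", ()),
        ("vK7#tq9Lm2$Rz8wP", ("Alice", "1990")),
    ]:
        print(candidate, check_password(candidate, facts))
```

The first candidate satisfies the length and character-mix rules and is still rejected, which is why the dictionary and personal-data rules are needed alongside them.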
Information Security Measures
Information security requires a broad approach, with measures that
include technical, organizational, human, and physical
processes.
1. Technical measures include precautions to protect an organization's
hardware and software. These usually include encryption, firewalls,
and other measures.
2. Organizational measures include establishing an internal
information security department and integrating InfoSec into each
department of the organization.
3. Human measures include training all employees and members of
the company on appropriate information security practices and
practicing them properly.
4. Physical measures consist of controlling physical access of
personnel to offices, control rooms, and data centers.
Conclusion
Summing up, information security is a vast and growing field that
provides full protection to sensitive private information and makes
internet networks reliable. The basic key factors of information security
are availability, integrity, accountability, confidentiality, and
non-repudiation.
The primary goal of the information security industry is to protect personal
information from unauthorized activities, which has led the
industry to strong execution in fields like firewalls, legal
liability and multi-factor authentication. There are many growing
organizations and consulting firms educating and training people in
information security, such as KnowledgeHut IT Security training, which
supports and offers information security techniques and
methods that teach and polish skills for the future and for any failure or threat.
In short, the primary goal of information security is to stop the loss of
private information, recover from the loss of authentic details, and protect
information from modification. It protects not only local data but also data in
the cloud.

More Related Content

Similar to Unit 1 Information Security.docx

Chapter 6 Security of Information and Cyber Security(FASS)
Chapter 6 Security of Information and Cyber Security(FASS)Chapter 6 Security of Information and Cyber Security(FASS)
Chapter 6 Security of Information and Cyber Security(FASS)Md Shaifullar Rabbi
 
What is Cyber security.pdf
What is Cyber security.pdfWhat is Cyber security.pdf
What is Cyber security.pdfchanduvarma019
 
Security of IOT,OT And IT.pptx
Security of IOT,OT And IT.pptxSecurity of IOT,OT And IT.pptx
Security of IOT,OT And IT.pptxMohanPandey31
 
Do You Know About Cyber Security? | Secninjaz Technologies LLP
Do You Know About Cyber Security? | Secninjaz Technologies LLP Do You Know About Cyber Security? | Secninjaz Technologies LLP
Do You Know About Cyber Security? | Secninjaz Technologies LLP Secninjaz Technologies LLP
 
Effective Cyber Security Technology Solutions for Modern Challenges
Effective Cyber Security Technology Solutions for Modern ChallengesEffective Cyber Security Technology Solutions for Modern Challenges
Effective Cyber Security Technology Solutions for Modern Challengescyberprosocial
 
Information Systems.pptx
Information Systems.pptxInformation Systems.pptx
Information Systems.pptxKnownId
 
Presentation 1.pptx
Presentation 1.pptxPresentation 1.pptx
Presentation 1.pptxrabeetkashif
 
Cyber security
Cyber securityCyber security
Cyber securityPrem Raval
 
Cybersecurity Interview Questions and Answers.pdf
Cybersecurity Interview Questions and Answers.pdfCybersecurity Interview Questions and Answers.pdf
Cybersecurity Interview Questions and Answers.pdfJazmine Brown
 
Introduction to cyber security.pptx
Introduction to cyber security.pptxIntroduction to cyber security.pptx
Introduction to cyber security.pptxSharmaAnirudh2
 
Module 1Introduction to cyber security.pptx
Module 1Introduction to cyber security.pptxModule 1Introduction to cyber security.pptx
Module 1Introduction to cyber security.pptxSkippedltd
 
Cryptography and Network Security Principles and PracticeEigh
Cryptography and Network Security Principles and PracticeEighCryptography and Network Security Principles and PracticeEigh
Cryptography and Network Security Principles and PracticeEighMargenePurnell14
 
Awareness Security Session 2023 v1.0.pptx.pdf
Awareness Security Session 2023 v1.0.pptx.pdfAwareness Security Session 2023 v1.0.pptx.pdf
Awareness Security Session 2023 v1.0.pptx.pdfAbdullahKanash
 
A network security policy group project unit 4 (1) july 2015
A network security policy group project unit 4 (1) july 2015A network security policy group project unit 4 (1) july 2015
A network security policy group project unit 4 (1) july 2015Jeffery Brown
 
what is cybersecurity.pdf
what is cybersecurity.pdfwhat is cybersecurity.pdf
what is cybersecurity.pdfpublicchats
 
How Can Our IT Solutions Enhance Security and Protect Your Data?
How Can Our IT Solutions Enhance Security and Protect Your Data?How Can Our IT Solutions Enhance Security and Protect Your Data?
How Can Our IT Solutions Enhance Security and Protect Your Data?VRS Technologies
 
Concept Of Cyber Security.pdf
Concept Of Cyber Security.pdfConcept Of Cyber Security.pdf
Concept Of Cyber Security.pdfFahadZaman38
 
Introduction to security
Introduction to securityIntroduction to security
Introduction to securityMukesh Chinta
 

Similar to Unit 1 Information Security.docx (20)

Chapter 6 Security of Information and Cyber Security(FASS)
Chapter 6 Security of Information and Cyber Security(FASS)Chapter 6 Security of Information and Cyber Security(FASS)
Chapter 6 Security of Information and Cyber Security(FASS)
 
MIS 7.pptx
MIS 7.pptxMIS 7.pptx
MIS 7.pptx
 
What is Cyber security.pdf
What is Cyber security.pdfWhat is Cyber security.pdf
What is Cyber security.pdf
 
Security of IOT,OT And IT.pptx
Security of IOT,OT And IT.pptxSecurity of IOT,OT And IT.pptx
Security of IOT,OT And IT.pptx
 
Do You Know About Cyber Security? | Secninjaz Technologies LLP
Do You Know About Cyber Security? | Secninjaz Technologies LLP Do You Know About Cyber Security? | Secninjaz Technologies LLP
Do You Know About Cyber Security? | Secninjaz Technologies LLP
 
Effective Cyber Security Technology Solutions for Modern Challenges
Effective Cyber Security Technology Solutions for Modern ChallengesEffective Cyber Security Technology Solutions for Modern Challenges
Effective Cyber Security Technology Solutions for Modern Challenges
 
Information Systems.pptx
Information Systems.pptxInformation Systems.pptx
Information Systems.pptx
 
Presentation 1.pptx
Presentation 1.pptxPresentation 1.pptx
Presentation 1.pptx
 
Cyber security
Cyber securityCyber security
Cyber security
 
Cybersecurity Interview Questions and Answers.pdf
Cybersecurity Interview Questions and Answers.pdfCybersecurity Interview Questions and Answers.pdf
Cybersecurity Interview Questions and Answers.pdf
 
Introduction to cyber security.pptx
Introduction to cyber security.pptxIntroduction to cyber security.pptx
Introduction to cyber security.pptx
 
Module 1Introduction to cyber security.pptx
Module 1Introduction to cyber security.pptxModule 1Introduction to cyber security.pptx
Module 1Introduction to cyber security.pptx
 
Cryptography and Network Security Principles and PracticeEigh
Cryptography and Network Security Principles and PracticeEighCryptography and Network Security Principles and PracticeEigh
Cryptography and Network Security Principles and PracticeEigh
 
Security Ch-1.pptx
Security Ch-1.pptxSecurity Ch-1.pptx
Security Ch-1.pptx
 
Awareness Security Session 2023 v1.0.pptx.pdf
Awareness Security Session 2023 v1.0.pptx.pdfAwareness Security Session 2023 v1.0.pptx.pdf
Awareness Security Session 2023 v1.0.pptx.pdf
 
A network security policy group project unit 4 (1) july 2015
A network security policy group project unit 4 (1) july 2015A network security policy group project unit 4 (1) july 2015
A network security policy group project unit 4 (1) july 2015
 
what is cybersecurity.pdf
what is cybersecurity.pdfwhat is cybersecurity.pdf
what is cybersecurity.pdf
 
How Can Our IT Solutions Enhance Security and Protect Your Data?
How Can Our IT Solutions Enhance Security and Protect Your Data?How Can Our IT Solutions Enhance Security and Protect Your Data?
How Can Our IT Solutions Enhance Security and Protect Your Data?
 
Concept Of Cyber Security.pdf
Concept Of Cyber Security.pdfConcept Of Cyber Security.pdf
Concept Of Cyber Security.pdf
 
Introduction to security
Introduction to securityIntroduction to security
Introduction to security
 

Recently uploaded

BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...Sapna Thakur
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingTechSoup
 
Disha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfDisha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfchloefrazer622
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphThiyagu K
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions  for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions  for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxVS Mahajan Coaching Centre
 
Student login on Anyboli platform.helpin
Student login on Anyboli platform.helpinStudent login on Anyboli platform.helpin
Student login on Anyboli platform.helpinRaunakKeshri1
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxGaneshChakor2
 
Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...
Russian Call Girls in Andheri Airport Mumbai WhatsApp  9167673311 💞 Full Nigh...Russian Call Girls in Andheri Airport Mumbai WhatsApp  9167673311 💞 Full Nigh...
Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...Pooja Nehwal
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104misteraugie
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsTechSoup
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Celine George
 
mini mental status format.docx
mini    mental       status     format.docxmini    mental       status     format.docx
mini mental status format.docxPoojaSen20
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactPECB
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3JemimahLaneBuaron
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactdawncurless
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeThiyagu K
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionSafetyChain Software
 
9548086042 for call girls in Indira Nagar with room service
9548086042  for call girls in Indira Nagar  with room service9548086042  for call girls in Indira Nagar  with room service
9548086042 for call girls in Indira Nagar with room servicediscovermytutordmt
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Sapana Sha
 

Recently uploaded (20)

BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 
Disha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfDisha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdf
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot Graph
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions  for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions  for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
 
Student login on Anyboli platform.helpin
Student login on Anyboli platform.helpinStudent login on Anyboli platform.helpin
Student login on Anyboli platform.helpin
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptx
 
Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...
Russian Call Girls in Andheri Airport Mumbai WhatsApp  9167673311 💞 Full Nigh...Russian Call Girls in Andheri Airport Mumbai WhatsApp  9167673311 💞 Full Nigh...
Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...
 
Advance Mobile Application Development class 07
Advance Mobile Application Development class 07Advance Mobile Application Development class 07
Advance Mobile Application Development class 07
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
 
mini mental status format.docx
mini    mental       status     format.docxmini    mental       status     format.docx
mini mental status format.docx
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory Inspection
 
9548086042 for call girls in Indira Nagar with room service
9548086042  for call girls in Indira Nagar  with room service9548086042  for call girls in Indira Nagar  with room service
9548086042 for call girls in Indira Nagar with room service
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
 

Unit 1 Information Security.docx

  • 1. UNIT I -Information Security Overview The rapid increase in the growth of information technology is also increasing the risk of information breaches; urging for a strategy to protect information in a systematic way. Organizations must develop and implement a complete strategy to ensure protection from security risks and safeguard confidential data. Information Security is a strategic implementation of tools and strategies to secure personal information from unauthorized access involving unlawful activities, disruption, diminishing, or inspection. History : Information security as a science in and of itself is relatively new. However, the practice of securing information has been around as long as people have been needing to keep secrets. Some notable attempts in the ancient world to hide information were simply clever means of concealment. For instance, the ancient Greeks are thought to have tattooed messages on the scalps of slaves who subsequently grew out their hair to cover the message. The slaves were then sent to the intended recipient and would have their heads shaved to reveal the secret. Leonardo da Vinci is famous for writing backward in his notebooks using a mirror to make it difficult for others to know what he was writing. Information Security – An Overview
  • 2. Information Security (sometimes known as InfoSec) covers companies’ methods and techniques to safeguard information. This often consists of various tools that organizations use to protect data by setting policies that stop unofficial people from gaining access to business or confidential information. Information Security is a vast and developing technology that includes a broad range of fields, from network and system security to checking and inspection. Therefore, information security can be considered as a foundation whose goal is to build security tools, policies and ensure the safety of confidential data (like cognitive data(Cognitive data capture uses artificial intelligence (AI) to mimic the way the human mind reads structured documents.), financial details, etc.). Data classification is a major constituent of setting up an InfoSec strategy. What is data classification in information security? It’s the categorization of data based on its level of vulnerability(Sensitive), and the effect on the organization should that data be disclosed, changed, or diminished without authorization. Data classification aids in choosing the suitable baseline security procedures to secure that data. Principles of Information Security InfoSec is primarily based on 3 building blocks: confidentiality, integrity and availability (often termed as CIA triad). Let's take a closer look on what is CIA triad and how the CIA triad protects data.
  • 3. 1. Confidentiality Confidentiality evaluates the protection from unofficial information broadcasting. The goal of the confidentiality principle is to keep sensitive information private and to ensure that it is manifest and available only to those who are authorized to use it to fulfill their important or institutional projects. 2. Integrity The main purpose of the integrity principle is to protect data from being modified in any uncertified way. It provides stability and guarantees that data is correct, authentic, and not modified (addition, deletion, etc.). It continuously protects data from modification, whether coincidentally or unfaithfully. 3. Availability The primary objective of availability is to verify that the complete data is available every time (or at any moment) whenever an official person needs it. This means availability is the safeguard to a system's capacity to build technology more effectively, software tools, applications, and data accessible when required for any institutional tasks or any institutional worker. Types of Information Security While Information Security can be of numerous types, the most commonly used in the IT sector include:  Application Security  Infrastructure Security  Cloud Security  Cryptography
  • 4. Application Security Application security is a technique to protect applications and programming interfaces (APIs) to stop, identify the bugs and other intrusions in your applications. Application security characteristics contain documentation, authorization, encoding, and application security checking. Organizations can use secure coding practices to minimize vulnerabilities, scanner to continuously detect the new vulnerabilities and Web Application Firewall to secure public application from OWASP Top 10 and other attack vectors. Infrastructure Security Infrastructure security refers to machinery assets involving computers, communications systems, and cloud materials. The purpose of infrastructure security covers safety from common cybercrimes and protection from natural calamities and other accidents. Infrastructure security also plays a vital role in reducing the risk of damage due to malfunction. Cryptography Cryptography refers to encryption of data to secure information. It is an information security technique that uses codes to safeguard reliable information against cyber risk. To encrypt data, the InfoSec teams apply numerical hypotheses, and a series of rule-based calculations called algorithms to alter messages in ways that are difficult to decode or decrypt. Cloud Security Cloud security is close to the application and infrastructure security, but it is mainly focused on cloud-computing or cloud-connected parts and data. Cloud computing security is another name, cloud security is a group of safety measures developed to secure data, apps, and cloud- based configurations.
  • 5. Check out our CEH v12 training to learn more about the types of information security and how to protect data from malicious hackers and stop misuse of data. Moving further, we'll look at what Information Security Policies are and why they are important in InfoSec. Information Security Policy Organizations enforcing compliance requires them to have defined policies. Policies provide guidance, consistency, and clarity around an organization’s operations. Similarly, information security policies exist to set a standard around the use of the organization's information technology. They usually consist of:  Data or sets of data that the policy applies to.  A well-defined list of people or programs having access to the said data.  Guidelines for setting passwords or passcodes.  Roles of employees in safeguarding of data.  A data support and operations plan to ensure data availability. An effective security policy prevents security threats and the risk of information disclosure. This makes the system more practical and worthy to use. You might come across several different terms when examining or designing an Information Security Policy. We’ve tried explaining some of them below: What is ISMS? An ISMS (information security management system) represent the collection of rules and methods that IT and commercial organizations use to safeguard their information assets against threats and weaknesses. What is HTTPS protocol? Hypertext transfer protocol secure (HTTPS) is the most commonly used protocol to receive and send data on the internet. HTTPS is encrypted in order to secure the data being transferred.
  • 6. What is a network security key?
A network security key is a network password or passcode that is used to access the local area network (LAN). The key provides a means to protect the data and establish a secure connection between the client and the host. You may wonder what a network security key for Wi-Fi is. It is usually similar to a network security key but is used for a wireless network. It is used to establish a protected connection between the requesting client and the serving wireless device, such as a router.

What is ISO27001?
ISO27001 is the international standard for information security. An ISMS uses ISO27001, which helps any group or industry of any size to secure its information in an organized and cost-effective way.

What is an encrypted email?
An encrypted email is simply an email encrypted with an encryption protocol, usually S/MIME or PGP/MIME. The public key infrastructure (PKI) is used to encrypt and decrypt emails.

What makes a good password?
Strong passwords are key in securing data from malicious hackers. An important aspect of a strong password is length (longer is better). A strong password also uses a mix of letters (uppercase and lowercase), numbers, and symbols, with no links to personal data or words from dictionaries.

Information Security Measures
Information security requires a broad set of measures that includes technical, organizational, human, and physical processes.
1. Technical measures include precautions to protect an organization's hardware and software. These usually include encryption, firewalls, and other measures.
  • 7. 2. Organizational measures include establishing an internal information security department and integrating InfoSec into each department of the organization.
3. Human measures include training all employees and members of the company on appropriate information security practices and making sure they follow them.
4. Physical measures consist of controlling physical access of personnel to offices, control rooms, and data centers.

Conclusion
Summing up, information security is a vast and growing field that protects sensitive private information and makes internet networks reliable. The basic key factors of information security are availability, integrity, accountability, confidentiality, and non-repudiation. The primary goal of the information security industry is to protect personal information from unauthorized activity, which has driven strong work in fields such as firewalls, legal liability, and multi-factor authentication. Many organizations and consultancies provide information security education and training, such as KnowledgeHut IT Security training, which teaches information security techniques and methods and builds skills for handling future failures or threats. In short, the primary goal of information security is to stop the loss of private information, recover lost authentic details, and protect
  • 8. information from modification. It protects not only local data but data in the cloud as well.
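The criteria listed under "What makes a good password?" (length, mixed character classes, no dictionary words, no links to personal data) can be checked in code. The following is an added example, not part of the original slides; the function names, the 12-character minimum, and the small word list are assumptions made for illustration.

```python
import re

# Constructed sample word list; a real check would load a large dictionary
# or breached-password list.
SAMPLE_DICTIONARY = {"password", "welcome", "dragon", "sunshine", "monkey", "letmein"}
MIN_LENGTH = 12  # assumed threshold; the page only says longer is better
# Undo common character substitutions so "p@ssw0rd" is seen as "password".
SUBSTITUTIONS = str.maketrans("0134578@$!", "oieastbasi")
CLASSES = {
    "lowercase": r"[a-z]",
    "uppercase": r"[A-Z]",
    "digit": r"[0-9]",
    "symbol": r"[^A-Za-z0-9]",
}


def normalise(text):
    """Lower-case the text and reverse common substitutions."""
    return text.lower().translate(SUBSTITUTIONS)


def check_password(password, personal_data=(), dictionary=SAMPLE_DICTIONARY):
    """Return the list of policy findings; an empty list means it passes."""
    findings = []
    if len(password) < MIN_LENGTH:
        findings.append("too_short")
    for name, pattern in CLASSES.items():
        if not re.search(pattern, password):
            findings.append("missing_" + name)
    lowered, folded = password.lower(), normalise(password)
    if any(word in folded for word in dictionary):
        findings.append("dictionary_word")
    # Split personal details (names, dates) into tokens of 3+ characters.
    tokens = [t for item in personal_data
              for t in re.split(r"[^a-z0-9]+", item.lower()) if len(t) >= 3]
    if any(t in lowered or normalise(t) in folded for t in tokens):
        findings.append("personal_data")
    return findings


if __name__ == "__main__":
    user = ("Alice Example", "1990-04-12")  # constructed personal details
    for candidate in ("P@ssw0rd!2024", "alice1990", "vT9#qLm2$xRw7!kZ"):
        print(candidate, check_password(candidate, user))
```

The first sample meets the length and character-mix rules yet still fails, because undoing the substitutions reveals a dictionary word.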