4dc03d21d3c8a36aadce5c81238a210d.ppt
- Number of slides: 104
Chapter 1 – we will talk about
Confidentiality (60)
Integrity (60)
Integrity Example
Integrity
Availability
Security Management
Security Management
Security Management
IMPORTANT REMINDER
Security Controls
Functional vs. Assurance
Security Definitions*
Vulnerability* (61)
Threat*
Threat Agent
Risk
Exposure
Countermeasure or Safeguard
End of risk terms
Organizational Security Models
Organization Security Models
Goals*
Break?
What are risks*
Risks
Risk management
IRM policy
IRM team (83)
Risk Analysis (83)
Risk Analysis Goals (83)
2 types of analysis
Quantitative (92)
Quantitative Analysis (93)
Step 4: Derive the ALE (95)
Details of Reducing Risk (102)
Details of Reducing Risk (102)
Word Problem
Word Problem Answer
Qualitative Risk Analysis
Qualitative (98)
Delphi* (100)
Modified Delphi
Review of Q vs. Q
Security Policy* (110)
Security Policy (110)
Security Policy
Standards* (112)
Baseline* (113)
Baseline
Guidelines* (114)
Procedures* (114)
Random Terminology*
Review of Policies, Standards…
Information Classification (117)
Information Classification
Classification Controls
Classification Controls
Positions and Responsibilities
Data Owner* (130)
Data Owner*
Data Custodian* (131)
System Owner (131)
Security Administrator* (132)
Security Analyst* (132)
Application Owner* (132)
Supervisor (132)
Data Analyst (133)
Process Owner (133)
Solution Provider
User* (134)
Auditor* (134)
Auditor (not in book)
Enough of the positions
Separation of Duties*
Collusion* (136)
Hiring Practices* (136)
Rotation of Duties* (138)
Mandatory Vacations* (139)
Split Knowledge* (138)
Dual Control
Employee Termination*
OK chapter review