28-03-2011, 11:27 AM
infor-security.doc (Size: 153.5 KB / Downloads: 102)
1. What is information security?
Information security in today’s enterprise is a “well-informed sense of assurance that the information risks and controls are in balance.” –Jim Anderson, Inovant (2002)
• The protection of information and its critical elements, including the systems and hardware that use, store, and transmit that information
• Tools, such as policy, awareness, training, education, and technology are necessary
2. What is C.I.A?
The C.I.A. triangle was the standard based on confidentiality, integrity, and availability. The C.I.A. triangle has expanded into a list of critical characteristics of information
3. Write a note on the history of information security
Computer security began immediately after the first mainframes were developed
Groups developing code-breaking computations during World War II created the first modern computers
Physical controls were needed to limit access to authorized personnel to sensitive military locations
Only rudimentary controls were available to defend against physical theft, espionage, and sabotage
4. What is Rand Report R-609?
Information Security began with Rand Corporation Report R-609, The Rand Report was the first widely recognized published document to identify the role of management and policy issues in computer security.
5. What is the scope of computer security?
The scope of computer security grew from physical security to include:
a. Safety of the data
b. Limiting unauthorized access to that data
c. Involvement of personnel from multiple levels of the organization
6. What is Security?
• “The quality or state of being secure--to be free from danger”
• To be protected from adversaries
7. Define Physical security
Physical Security – to protect physical items, objects or areas of organization from unauthorized access and misuse
8. Define Personal Security
Personal Security involves protection of individuals or group of individuals who are authorized to access the organization and its operations
9. Define Operations security
Operations security focuses on the protection of the details of particular operations or series of activities.
10. Define Communications security
Communications security – encompasses the protection of organization’s communications media, technology and content
11. Define Network security
Network security – is the protection of networking components,connections,and contents
12. Define Information security
Information security – is the protection of information and its critical elements, including the systems and hardware that use ,store, and transmit the information