Networks Flashcards
Component that increased need for information security;
Component that increased need for information security; challenges
emerge as information systems are increasingly interconnected
* Manage the network perimeter
* Use firewalls
* Prevent malicious content
* Protect the internal network
* Segregate network
* Secure wireless access
* Enable secure administration
* Configure the exception handling processes
* Monitor the network
* Assurance processes
Personnel
Often overlooked in computer security considerations, but people
make mistakes, fall victim of social engineering, may susceptible to
bribery/blackmail
* Produce a user security policy
* Establish a staff induction process
* Maintain user awareness of the security risks faced by the
organisation
* Support the formal assessment of security skills
* Monitor the effectiveness of security training
* Promote an incident reporting culture
* Establish a formal disciplinary process
How might compromise of an info asset
affect supporting assets?
- Leaking your access code might allow an unauthorised person
to get access to a company’s secure area - Losing data centre due to fire may result in destruction of all
information assets unless backed-up off-site - Stolen laptop may result in third-party accessing trade secrets
- Leaking your password for your internet bank may result in
monetary loss
Subjects and objects of an attack
Assets may be either the subject and object of an attack
* the subject is an active tool used to conduct an attack
* the object of an attack is the entity being attacked