quiz Flashcards
It is concerned with safeguarding the physical
assets, people, and infrastructure of an
organization from unauthorized access, damage,
theft, or harm.
Physical Security
People, hardware, and supporting
systems, which include buildings and their various parts.
Physical Assets
These are critical components of a
comprehensive security strategy for protecting facilities
and assets.
Physical Control
These are obvious barriers that make it
clear to people that they are not allowed to walk beyond a
certain point.
Walls or Fences
Obvious points of access.
Gate
Assigning it to a gate, a door, or an asset allows
you to set rules for passage and usage that can be
interpreted by a human being or referred to an authorizing
level of management.
Guards
They should probably appear as a subset
of guards.
Guard Dogs
It involves securing the
outer boundaries of a facility.
Perimeter Security
They regulate and
monitor entry and exit points to a facility.
Access Control Systems
They include closed-circuit
television cameras strategically placed to
monitor and record activities within and around
the facility.
Surveillance Systems
It uses sensors
to detect unauthorized entry or movement within
secured areas.
Intrusion Detection Systems
It contributes to the overall
safety of a facility by reducing blind spots and
enhancing the effectiveness of other security
measures.
Security Lighting
They provide additional
protection against forced entry, vehicle attacks,
or other physical threats.
Physical Barriers
They play a crucial role in
monitoring access points, conducting patrols,
and responding to emergencies.
Security Personnel
It uses
unique physiological or behavioral
characteristics for identity verification.
Biometric Access Control Systems
These plans include designated evacuation routes, assembly points, and emergency
communication systems.
Emergency Response and Evacuation Plans
They include measures
like fire suppression systems, climate control,
and humidity regulation to protect physical
assets from environmental hazards.
Environmental Controls
It involves a comprehensive approach that
encompasses project management, technical
aspects, non-technical aspects, and
certification/accreditation processes.
Implementing Information Security
It
involves planning, executing, and controlling
activities to ensure that security measures are
effectively implemented within an organization.
Information Security Project Management
It
involves deploying and configuring security
technologies, tools, and measures to protect
information assets.
Technical Aspects of Implementation
It
involves policies, procedures, training, and
awareness campaigns aimed at fostering a
security-conscious culture within the
organization.
Nontechnical Aspects of Implementation
It involves assessing and
validating the effectiveness of an organization’s
information security controls.
Information System Security Certification
and Accreditation
It is a critical aspect
of managing a secure information assurance security
Information Security Maintenance
It is meant to be a generic
description of what an organization should do to provide a
secure environment for itself.
Security Management Model
This is being
implemented to define the framework for
decision-making, accountability, and
responsibility in information security.
Security Governance
It
is embraced to detect security incidents and
vulnerabilities in real time.
Continuous Monitoring and Improvement
This is applied to
guide the ongoing development, maintenance,
and improvement of security measures.
Security Lifecycle Models
It is ensured to
conduct regularly and that this plan is dynamic,
adapting to changes in the organization and the
external environment.
Risk Management Models
This is established and monitored
to measure the effectiveness of security controls.
Security Metrics and Key Performance
Indicators
Protecting
sensitive government information, military
communications, and critical infrastructure from
cyber threats is crucial for maintaining the
country’s security and stability.
National Security Concerns
About the
awareness campaigns which can help prevent
common security pitfalls such as weak
passwords, social engineering attacks, and
unsafe online behavior.
Education and
Awareness
are governed by a combination of
legal frameworks, industry standards, and organizational
policies.
Ethical Laws on IT
Enacted to protect the fundamental human right to privacy,
this law governs the processing of personal information.
DATA PRIVACY ACT OF 2012 (R.A. NO. 10173)
It addresses issues related to online contracts,
digital signatures, and the use of electronic data
messages.
ELECTRONIC COMMERCE ACT OF 2000 (R.A. NO.
8792)
Enacted to address offenses committed using the
internet, this law includes provisions on cybercrime, such
as illegal access, data interference, computer-related
fraud, and content-related offenses.
CYBERCRIME PREVENTION ACT OF 2012 (R.A. NO.
10175)
This law criminalizes the unauthorized
recording, sharing, or publication of private acts through
photos or videos without the consent of the individuals
involved.
ANTI-PHOTO AND VIDEO VOYEURISM ACT OF 2009
(R.A. NO. 9995)
This law penalizes fraudulent acts involving
access devices, including credit cards and debit cards.
ACCESS DEVICES REGULATION ACT OF 1998 (R.A.
NO. 8484)
It protects copyright and
related rights. It covers software and other digital content
created by individuals or organizations.
INTELLECTUAL PROPERTY CODE OF THE
PHILIPPINES (R.A. NO. 8293)
With the
implementation of this, organizations are legally
obligated to ensure the protection of personal
data.
Data Protection and Privacy
The Philippines, like
many other countries, faces a range of it,
including malware and phishing attacks.
Cybersecurity Threat
It
is all about the growth of digital financial services
and e-commerce in the Philippines that requires
a secure online environment.
Financial Transactions and E-commerce
Ensuring the security of these
systems is crucial to prevent disruptions, safeguard national interests, and protect
citizens’ data.
Government Systems and Critical
Infrastructure
This type of study focuses on one
individual. This case study would use several
types of research to determine an outcome.
Person
This type of study focuses on a group
of people. This could be a family, a group of
friends, or even coworkers.
Group
This type of study
focuses on a business or an organization.
Organization/Company
This type of study focuses on a place,
and how and why people use the place.
Location
This type of study focuses on an event,
whether cultural or societal, and how it affects
those that are affected by it.
Event
A step to
determine what the case study will be about.
Define The Task, Question or Topic
This
research stage is the longest and most detailed
of the case study process.
Do Research, Interviews, Collect Data
A step to know what the study
proved and what conclusions can be made.
Make Recommendations and Form
Conclusions
It requires a cover page,
references, and all the acquired data and
information compiled in a readable and cohesive
report.
Write The Report