TAILIEUCHUNG - Lecture Information systems security - Chapter 1: General security concepts

The content in chapter 1: Understanding information security, understanding the goals of information security, comprehending the security process, authentication issues to consider, distinguishing between security topologies. | General Security Concepts Contents Understanding Information Security Understanding the Goals of Information Security Comprehending the Security Process Authentication Issues to Consider Distinguishing between Security Topologies Terminologies Protocol: an official set of steps or language for communication Algorithm: a specific set of steps to solve a problem or do some task String: a series of characters. Example if a character can be a-z and 0-9 an 8 character string might be “ar01z14b” Control: a countermeasure or attempt to mitigate a security risk. A firewall is technical control. Policies are HR controls. Encryption is a technical control. Information Security Security? Physical security of servers and workstations Protecting data from viruses and worms or from hackers and miscreants The capability to restore files if a user accidentally deletes them Problems with security: It is next to impossible for everyone to agree on what it means We don’t really mean that we want things to be completely secured While everyone wants security, no one wants to be inconvenienced by it Security Triad Securing the Physical Environment Protecting your assets and information from physical access by unauthorized persons Threats often present themselves as service technicians, janitors, customers, vendors, or even employees Components of physical security: Making a physical location less tempting as a target Detecting a penetration or theft Recovering from a theft or loss of critical information or systems Examining Operational Security Operational security issues include: Network access control (NAC), Authentication, Security topologies after the network installation is complete. Daily operations of the network Connections to other networks Backup plans Recovery plans In short, operational security encompasses everything that isn’t related to design or physical security in the network Examining Operational Security Working with Management and Policies Guidance, rules, and .

• An ninh - Bảo mật
• Information systems security
• Lecture Information systems security
• Information security
• Goals of information security
• Security process
• Security topologies
• Lecture On safety and security of information systems
• On safety and security of information systems
• Introduction to information systems security
• History of information security
• Bài giảng Bảo mật hệ thống thông tin
• Wireless network security
• Wireless security protections
• IEEE 802
• 11 security
• Protecting systems
• Harden operating systems
• Communications based attack
• Conducting security audits
• Privilege audits
• Privilege management
• Controls for information security
• Accounting information systems
• Lecture Accounting information systems
• Hệ thống thông tin kế toán
• Trust services framework
• Potential risks
• Privilege escalation
• Các phần mềm có hại
• Cryptography basics
• Cryptographic terminology
• Transposition cipher
• Public key infrastructure
• Cryptographic attacks
• Public domain cryptography
• Access control
• Access control models
• Authentication models
• Virtual Private Network
• Authentication credentials
• Risk management
• Attributes of assets
• Determining relative value
• Cryptographic hash funtionns
• Simple hash functions
• Requirements and security
• Accounting information systems
• Lecture Accounting information systems
• Information systems controls
• System reliability
• Management information systems
• Information systems
• Lecture Management information systems
• Computer based information systems
• Managing information resources
• Monitoring activity
• Intrusion detection
• Secure network
• Malicious attacks
• Malicious Attack
• The common types of malicious attacks
• Basic terminology of cryptography
• History of cryptography
• Symmetric cipher
• Symmetric ciphers
• Block cipher principles
• Data encryption standard
• Advanced encryption standard
• Asymmetric ciphers
• Principles of public Key cryptosystems
• Four parts of access control
• Types of access control
• Firewall concept
• Commercial firewalls
• Network Security Fundamentals
• Guide to Network Security Fundamentals
• Security Baselines
• Disable nonessential systems
• Introduction to management information systems
• Business information technology
• Information security management
• Data safeguards are available