1. What is an Information Security Assurance?
Information Security Assurance means the management and protection of data, information, and knowledge. It safeguards the integrity of data used by individuals or organizations. It prevents illicit access to private information. It is the defense mechanisms used to detect or mitigate malicious activity in IT systems.
2. Components of Information Security Assurance?
The components are:
Confidentiality - Ensuring that information is accessible only to those authorized to have access.
Integrity - Safeguarding the accuracy and completeness of information and processing methods.
Availability - Ensuring that authorized users have access to information and associated assets when required.
3. Differentiate the certification programs to common body language?
Certification programs refers to assessment process to verify the legitimacy and competence of an individual or organization.
Common body language refers to nonverbal signals used to communicate feelings and intentions such as tone of voice, gestures, posture, facial expressions, and eye gaze.
4. Differentiate the Governance and Risk Management?
Governance means establishing and maintaining a framework, strategies, programs, and security policies in an organization or enterprise.
Risk Management is knowing when and how risks may become problematic and be able to determine the best way to limit the impact of risk.
5. Difference between Security Architecture to Design?
Security Architecture means a set of security principles, methods, models, systems, processes, and tools designed to prevent or mitigate attacks and help keep an organization safe from cyber threats.
Security Design means the techniques, methods, approach to cybersecurity such as authentication safeguards and adherence to best programming practices.
6. Difference between Business Continuity Planning to Disaster Recovery Planning?
Business Continuity Planning means keeping business operational during a disaster with minimal disruption.
Disaster Recovery Planning means restoring full functionality, data access and IT infrastructure after a disaster occurs.
7. What is Physical Security Control?
Physical Security Control refers to security measures designed to deny unauthorized access to facilities, equipment, resources and to protect personnel, hardware, software, networks and data from harm, loss or damage.
8. What is Operations Security?
Operations Security refers to security and risk management mechanisms to safeguard sensitive information and preserve essential secrecy.
9. What is Law?
Law is a set of rules of conducts, codes, standards, regulations created to regulate behavior and to be followed by everyone.
10. What is Investigation?
Investigation is a careful search, examination, inquiry to discover facts, truths, or to establish the cause of incident.
11. What is Ethics?
Ethics means the knowledge of right and wrong, what is or isn't acceptable behavior, and the ability to adhere to ethical principles.
12. What is Information Security?
Information Security means the quality or state of being secure to be free of danger. It protects information from a range of threats, ensures business continuity, minimizes financial loss, optimizes return on investments, increases business opportunity.