What is an Information Security Assurance? it is all about gathering data and keeping its availability, authenticity and other fields of information and the security of the file which is needed the most to avoid the information to leak.
Components Information Security Assurance?
Availability - The objective of availability is to ensure that data is available and secure to be used when it is needed to make decisions.
Integrity - Security controls focused on integrity are designed to prevent data from being modified or misused by an unauthorized party.
Confidentiality - Confidentiality has to do with the privacy of information, including authorizations to view, share, and use it. passwords, which must remain confidential to protect systems and accounts.
Authentication - Verifying the identity of a user, process, or device, often as a prerequisite to allowing access to resources in an information system.
Nonrepudiation - Non-repudiation is a legal concept that is widely used in information security and refers to a service, which provides proof of the origin of data and the integrity of the data.Differentiate the certification programs to Common body language?
A certification program is a defined set of components or training programs offered by your organization to members to prove that they have achieved a measured level of knowledge within a designated timeline while the Common Body of Knowledge (CBK) is a comprehensive framework of all the relevant subjects a security professional should be familiar with, including skills, techniques and best practices. CBK is organized by domain and it is annually gathered and updated by the International Information Systems Security Certification Consortium, otherwise known as (ISC)2.Differentiate the Governance and Risk management?
Governance, or corporate governance, is the overall system of rules, practices, and standards that guide a business. Risk, or enterprise risk management, is the process of identifying potential hazards to the business and acting to reduce or eliminate their financial impact.Different between Security Architecture to Design?
Security architecture is the set of resources and components of a security system that allow it to function. Security design refers to the techniques and methods that position those hardware and software elements to facilitate security. Items like handshaking and authentication can be parts of network security designDifferent between Business Continuity Planning to D-i-s-a-s-t-e-r Recovery Planning?
Business continuity focuses on keeping business operational during a disaster, while disaster recovery focuses on restoring data access and IT infrastructure after a disaster. Meanwhile, a disaster recovery strategy helps to ensure an organization's ability to return to full functionality after a disaster occurs.What is Physical Security Control?
Physical control is the implementation of security measures in a defined structure used to deter or prevent unauthorized access to sensitive material. Examples of physical controls are: Closed-circuit surveillance cameras. Motion or thermal alarm systems. Security guards.What is Operations Security?
Operational security (OPSEC) is a security and risk management process that prevents sensitive information from getting into the wrong hands. Another OPSEC meaning is a process that identifies seemingly innocuous actions that could inadvertently reveal critical or sensitive data to a cyber criminal.What is Law? Information Security Law is the body of legal rules, codes, and standards that require you to protect that information and the information systems that process it, from unauthorized access. The legal risks are potentially significant if you don't take a pragmatic approach.
What is Investigation?
A security investigation establishes what caused the incident and how far it compromised or threatened the security of people, information, or assets.What is Ethics?
Ethics can be defined as a moral code by which a person lives. In computer security, cyber-ethics is what separates security personnel from the hackers. It's the knowledge of right and wrong, and the ability to adhere to ethical principles while on the job.What is Information Security?
Information security is a set of practices intended to keep data secure from unauthorized access or alterations. Here's a broad look at the policies, principles, and people used to protect data.