Categories of controls-information security, Computer Network Security

Assignment Help:

Categories of Controls

Controlling risk through mitigation, avoidance or transference is accomplished by implementing controls. There are 4 effective approaches to select the controls by category:

Control function:
Controls (safeguards) designed to defend systems are preventive or detective.

Architectural layer:
Some of the controls apply to one or more layers of organization’s technical architecture

Strategy layer: Controls classified by risk control strategy (avoidance, transference, mitigation) in which they operate.

Information security principle: Controls can be classified according to characteristics of secure information they assure. These characteristics include: accountability integrity, availability, confidentiality, authorization, authentication, and privacy.


Related Discussions:- Categories of controls-information security

Cipher methods-cryptography, Cipher Methods There are 2 methods of encry...

Cipher Methods There are 2 methods of encrypting plaintext: • Bit stream method – every bit in the plaintext bit is transformed into a cipher bit one bit at a time. • Block cip

Management of classified data-risk management, Management of Classified Dat...

Management of Classified Data Management of classified data comprises of its storage, distribution, portability, and destruction of classified data. All information which is not

Emerging threats related to use of networks, Question requires you to submi...

Question requires you to submit a proposal based on the research report topic you will be addressing in the second assignment.  Note:  before commencing research on the topic, y

Explain the dimension of service quality, Problem 1: Discuss how TWO of...

Problem 1: Discuss how TWO of the following gurus have contributed to the Quality Movement, highlighting the major points of their philosophies: (a) Edward Deming (b) Jose

Fragmentation format, FRAGMENTATION Fragmentation information is kept...

FRAGMENTATION Fragmentation information is kept in different extension header.  Every fragment has base header and fragmentation header. Whole datagram including original hea

Public key cryptosystem based on rsa technology, Problem: (a) What is ...

Problem: (a) What is the minimum length of a password that could be considered to be "strong" in the context of today's computing power? (b) The security of a PIN system,

Hybrid cryptography systems-cryptography, Hybrid Cryptography Systems Th...

Hybrid Cryptography Systems This makes use of different cryptography systems. Except digital certificates, pure asymmetric key encryption is not used extensively. Asymmetric enc

Nyquist capacity theorem, (a) Illustrate what you understand by Nyquist Cap...

(a) Illustrate what you understand by Nyquist Capacity Theorem? (b) Consider we wish to transmit at a rate of 64 kbps over a 4 kHz noisy but error-free channel. What is the mini

List vulnerabilities of using wep, Question: The Wired Equivalent Priv...

Question: The Wired Equivalent Privacy (WEP) standard was created in order to give wireless networks safety and security features similar to that of wired networks. (a) L

Explain the basic network topologies, Question: (i) ‘Implementation' is...

Question: (i) ‘Implementation' is a critical stage of the Systems Development Life Cycle. Show the four approaches which are commonly used to implement information systems in

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd