Information Security Management Assurance (ISM811S)
Chapter 2 – Information Security Mechanisms
Dr Mercy Chitauro
Outline
1. Information Security Terminology
2. Attack types
3. Security controls
4. Access Controls
5. System logs
6. Firewalls
7. IDS/IPS
8. Cryptographic Controls
9. Other important, emerging security controls
   1. Remote access
   2. Wireless Network Security
   3. Scanning and Analysis tools
   4. Bring your device security
10. Homework
Learning outcomes
▪ Outline basic security terminology and attack types;
▪ Differentiate types of attacks;
▪ Explain the difference between vulnerabilities and threats;
▪ Explain the difference between technical and administrative controls;
▪ Discuss the various access control approaches;
▪ Identify common approaches to firewall implementation;
▪ Describe the types of IDS and the strategies on which they are based;
▪ Explain cryptography, the encryption process, and cryptographic controls;
▪ Outline other emerging security mechanisms;
▪ Outline management of emerging security mechanisms.
Information Security (infosec)
• Information security is the protection of information and its critical characteristics:
  – Confidentiality
  – Integrity
  – Availability
• Including the systems and hardware that store and transmit that information.