......
▀ Privacy: is the right to be alone and to be free of unreasonable personal intrusions.
► Electronic Surveillance
►Personal Information in Database
► Internet Bulletin Boards and Newsgroup
►Privacy Codes and Policies
►International Aspects of Privacy .
▀Accuracy
▀Property
▀Accessibility
▓▓▓▓▓▓▓▓
▀Threat to Information system:
●Threat
● Exposure
● Vulnerability
●Risk
▬▬▬▬
●Unintentional
●Intentional:
▪▪ Espionage or trespass
▪▪ Information extortion
▪▪ Sabotage or vandalism
▪▪Theft
▪▪Identity theft
▪▪Software attack:
▫Viruses ▫Trojan horses ▫Back doors
▫Phishing ▫Worms ▫Logic bombs
▫Denial of service ▫Pharming
▫Alien software:
-pestware -adware -spyware
-spamware -spam -cookies - webbugs
▪▪Compromises to intellectual property
▓▓▓▓▓▓▓▓
▀Protecting Information Resource
●Risk Analysis
▪▪Risk management
▪▪Risk analysis
▪▪Risk mitigation
▪ implementing controls to prevent identified threat from occurring
▪developing a means of recovery should the threat become reality
▪▪Risk acceptance
▪▪Risk limitation
▪▪Risk transference
▪▪ Controls evalutation
●Controls
▪▪General control:
▪general control
▪physical control
▪access control
-the User Is
-the User Has
-the User Does
-the User Knows
..passwords
..passphrase
●Information System Auditing
▪▪Type of the Auditor and Audit
▪▪How Is Auditing Executed ?
●Disaster Recovery Planning
▪▪Disaster recovery
▪▪Disaster avoidance
▓▓▓▓▓▓▓▓
No comments:
Post a Comment