Get your Information Management Systems Credits with this Summary
12 views 1 purchase
Course
Information Management Systems (T.30834)
Institution
Saxion Hogeschool (Saxion)
Book
Official (ISC)2 Guide to the CISSP CBK
Makri handouts used to write the summary. All learning goals per week have been verified and included in the summary, so all the material you need to know for the (re) exam is in this document, concise, but comprehensive!
Information Management
Systems exam preparation
summary
Define the terms information, system, subsystem, and information (management) system
Explain the functionality of the main types of information systems and clarify the difference
between an information system and a computer system
Understand and apply security in the Software Development Life Cycle
Manage the SDLC by applying good practices (e.g., following CMM models, implementing
proper maintenance and change management etc.)
Describe the main software and database development methodologies and how security
controls are involved
Understand and tackle the security challenges introduced by today’s distributed software
environment
Identify the security issues related to the source code of information systems and monitor
the trends in security development, so as to determine which are the most critical source
code-related threats that an organization should anticipate
Decide and implement malware and software protection policies, and be able to assess the
effectiveness of the software security mechanisms implemented
Week 1 Information Management Systems
Define information and explain its difference with data
Define what is system, subsystem, and information system
Describe the characteristics of information and how they relate to the information systems
management
Name the sources of information, and describe the information flow within a hypothetical
information system
Explain the difference between a computer system and an information system
Describe the information system in relation to the value chain
Name the main challenges/responsibilities of the manager that is in charge of applying
information systems changes
Explain the functionality of the 4 main types of information systems
Week 2 Security in the Software Development Life Cycle
Explain how security is included in the Software Development Life Cycle
Name the current threats (in software development) and describe how to detect them
Describe the main phases of the Systems Development Lifecycle
Explain how is security outlined within the aforementioned SDLC phases
Explain the function and purpose of (Capability) Maturity Models
Describe the activities to be taken for proper system operation and system maintenance
Name the steps of the change management process
Week 3 Software related Security Controls
Name and describe the most notable software development methods
Identify the main differences between the waterfall and iterative software development
methodologies
Describe the DBMS architecture
, Name the necessary characteristics that the database model should be able to demonstrate
Describe the state-of-the-art database management models
Explain the four properties that guarantee database transactions to have been reliably
processed
Name the integrity rules that apply to the relational database model
Name the main sublanguages of SQL
Describe the functionality of Database Interface Languages
Explain the security considerations that come along with the new trend of accessing
databases through the Internet
Define the term Data Warehousing
Describe the main database vulnerabilities and threats
Define the term knowledge-based systems
Discuss the additional threats and protection applicable to web application environments
Week 4: Security of the Software Environment
Describe the current software environment and discuss its distributed nature
Assess the security risks brought by the distributed nature of today’s software environments
Explain what is open source software
Define full disclosure in the context of open source software
Name the differences between low-level and high-level programming languages
Name the differences between compiled and interpreted source code
Describe the three main layers of Java Security
Name and explain the main characteristics of object-oriented programming (OOP) and their
relation to security
Name the considerations for the Security Manager, when using distributed object-oriented
systems
Week 5 Security Issues of Programming Languages
Elaborate on the security issues related to the source code of applications
Monitor the trends in security development, so as to determine which are the most critical
source code-related threats that an organization should anticipate
Identify the source code mechanisms that allow for emergency recovery of a system (e.g.,
trapdoors) in a given information system, and determine their impact on security
Explain what is malware
Define the most common types of malware
Determine the severity of infection of each type of malware on a given information system
Week 6 Malware and Software Protection
Enforce a suitable training program for the employees concerning malware protection
Develop generic policies and detailed guidelines to enhance malware protection
Name and describe the main types of antivirus systems, and indicate the corresponding IDSs
that work in a similar manner as each of the antivirus types
Identify the software protection mechanisms that should be enforced in a given information
system, and describe their role and functionality
Define the term Configuration Management
Assess the effectiveness of software security
Conduct risk analysis and mitigation after the implementation of large or small scale system
changes
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller securitytopper. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $5.88. You're not tied to anything after your purchase.