Summary Information Management Standards; Get Your Dot


I used the Makri handouts to summarize the given learning goals per week. I have omitted unnecessary (at least, in the sense of the exam redundant...) information and took over the essential points. Since I used the learning goals, the summary includes all the information you need.

Preview 2 out of 15  pages

  • July 4, 2021
  • 15
  • 2020/2021
Information Management Standards exam preparation
• Define standard and standardization and explain their importance in today's international environment
• Name and describe the most prevalent information security standards and information security models
• Implement security governance in a corporate environment based on good practice
• Understand and be able to apply standard concepts and principles that security operations should follow
• Describe the main elements of resource protection and employ resource protection in a corporate environment
• Manage incident response
• Name, describe and decide on preventative measures against attacks

Week 1 Information Management Standards
• Define what a standard is and what standardization is
• Explain the importance of standardization nowadays
• Give a short description of the TCSEC and name its fundamental objectives and requirements
• Describe the security mechanisms that are applied through the different TCSEC levels
• Give a short description of ITSEC
• Name and describe the key concepts introduced by the Common Criteria
• Name the main areas of concern of the ISO 27001:2013 standard
• Describe the PDCA cycle introduced by the ISO 27001:2005 standard
• Name and explain the principles of COBIT 5
• Describe BiSL
• Name the rules of the Bell-LaPadula, Biba, and Chinese Wall security models
• Describe the four main entities of the Clark-Wilson integrity model

Week 2 Information Security Governance
• Apply security governance in a given setting
• Name and apply the main suggestions by ITGI (IT Governance Institute) concerning security
• Name and describe the organizational processes that impact security
• Explain the concerns of the security professionals when the aforementioned organizational processes occur
• Describe the various users' roles within the context of the organization and their security responsibilities
• Name the main benefits from establishing clear and unambiguous security roles
• Explain the relationship between legislative and regulatory compliance with the security professional
• Understand when privacy requirements compliance is desired and name the control frameworks that support meeting these requirements
• Explain what due care is and what due diligence is


Week 3 Security Operations Concepts
• Name and describe the key themes related to the concepts of Security Operations
• Explain which are the main processes and procedures where Security Operations plays a vital role
• Understand how security operations control privileged accounts, and explain what identity management and access management are
• Describe the need-to-know concept
• Describe the least privilege concept
• Explain the notion of Role Based Access Control (RBAC)
• Name and describe the different types of privileged user accounts
• Explain the principle of Separation of Duties and how it can be applied in practice when assigning responsibilities in a corporate environment
• Describe what a clearance is and what its relation to background checks is
• Explain what Job Rotation is and which purposes it serves in a corporate environment
• Name the different stages of the sensitive information lifecycle
• Define declassification

Week 4 Employ Resource Protection
• Discern between tangible and intangible assets, and identify combinations thereof
• Critically examine whether a physical or non-physical asset needs to be protected and to which extent
• Name the main facilities systems and controls that support the IT operation
• Explain how and why hardware should be physically protected
• Name and describe the main protection measures for storage media
• Explain what software licensing is and what its relevance to security in a corporate environment is
• Name the most important elements of a secure removable media solution
• Explain the difference between backups and archives
• Describe the security related considerations concerning backups and archives
• Explain what makes media disposal important, and name the three main means of media disposal or reuse
• Describe the equipment lifecycle and the relation of each phase to security

Week 5 Manage Incident Response
• Define the term Incident Response Management
• Name the key actors in an incident management program and their characteristics that make the program successful
• Identify the relation between the incident management process and measurements, metrics, and reporting
• Determine the measures that are important in a given incident scenario, so as to facilitate successful security operations
• Name and describe the most prevalent boundary controls and detection mechanisms
• Identify the advantages and disadvantages of each detection approach and decide on the most adequate mechanisms in a given setting
• Name the most important aspects of Incident Response and devise a step-by-step procedure of response in a given scenario
• Identify and answer all the questions relevant to the incident reporting procedure that should be included in the formal policies or procedures of an organization
• Explain what the added value of reviews and audits is for an organization

Week 6 Preventative Measures against Attacks
• Name and describe the common threats against the CIA (Confidentiality, Integrity, Availability) triad of security requirements
