Garantie de satisfaction à 100% Disponible immédiatement après paiement En ligne et en PDF Tu n'es attaché à rien
logo-home
Recherché précédemment par vous
Recherché précédemment par vous
logo
ISC-V1 2024 Regulations, Standards, and Frameworks €7,87   Ajouter au panier
Accédez rapidement à
Aperçu
  2.  
  3. PREP
  4.  
  5. PREP
  6.  
  7. PREP

Examen

ISC-V1 2024 Regulations, Standards, and Frameworks
 5 vues  0 fois vendu
  • Cours
  • PREP
  • Établissement
  • PREP

ISC-V1 2024 Regulations, Standards, and Frameworks

Aperçu 4 sur 310  pages

Infos sur le Document

  • 21 juin 2024
  • 310
  • 2023/2024
  • Examen
  • Questions et réponses

Sujets

  • isc v1 2024 regulations standards and frameworks

École, étude et sujet

  • PREP
  • PREP
  • PREP
Tous les documents sur ce sujet (56)

Vendeur

avatar-seller
ACTUALSTUDY

Avis reçus

Aperçu du contenu

ISC


1
Regulations, Standards, and
Frameworks



Module

1 National Institute of Standards and
Technology Frameworks 3

2 Privacy and Data Security Standards 15

3 Center for Internet Security Critical Security Controls:
Part 1 21

4 Center for Internet Security Critical Security Controls:
Part 2 33

5 COBIT 2019 Framework 43

, NOTES




S1–2 © Becker Professional Education Corporation. All rights reserved.

,1
MODULE
National Institute of
Standards and Technology
Frameworks ISC 1




Overview
The application of information technology (IT) in an organization is the systematic
implementation of hardware and software so that data can be transmitted, modified, accessed,
and stored both securely and efficiently. As the field of information science advances, the speed
at which IT devices can perform these tasks has rapidly increased, and organizations must
reevaluate their technology on a regular basis.
Organizations adopt technology to enhance or support business operations, protect digital
records and assets, and safeguard physical assets. This makes the selection and deployment of
management information systems critical to the success of any organization.


1 National Institute of Standards and Technology (NIST)
Cybersecurity Framework (CSF)

1.1 NIST Background
The National Institute of Standards and Technology (NIST) was established in 1901 to remove
barriers to industrial competitiveness and improve access to resources to promote U.S. research
capabilities. In 1995, the NIST branched out into the cybersecurity field with the NIST Special
Publication 800-12, An Introduction to Information Security. To date, three of the most prolific sets
of standardized frameworks promulgated by NIST include the NIST Cybersecurity Framework
(CSF), NIST Privacy Framework, and NIST SP 800-53 Security and Privacy Controls for Information
Systems and Organizations.

1.2 Cybersecurity Framework
Introduction
The NIST Cybersecurity Framework is a voluntary framework that includes three primary
components to manage cybersecurity risk:
1. Framework Core
2. Framework Implementation Tiers
3. Framework Profile




© Becker Professional Education Corporation. All rights reserved. Module 1 National
S1–3Institute of Standards

, 1 National Institute of Standards and Technology Frameworks ISC 1




Tier 1 Tier 2 Tier 3 Tier 4
(Partial) (Risk Informed) (Repeatable) (Adaptive)

CORE TIERS




PROFILE




Source: Reprinted courtesy of the National Institute
of Standards and Technology, U.S. Department of
Commerce. Not copyrightable in the United States.


1.2.1 Framework Core
The NIST CSF was a legislative imperative for NIST aimed at developing a set of plain language
controls for the protection of critical IT infrastructure. Specifically, the focus of the NIST CSF is
to develop a program to identify, assess, and manage cybersecurity risks in a cost-effective and
repeatable manner.
The framework core consists of five areas of focus, or functions, which represent different points
in the security risk management life cycle that help enhance cybersecurity protection. These
components are not ordered steps; they are functions that should be performed concurrently.
The five components are Identify, Protect, Detect, Respond, and Recover.
1. Identify: This function focuses on creating canonical records of the assets an organization
uses to support information processing operations, users who are both internal and
external to an organization, and systems.
2. Protect: This function focuses on safeguards and access controls to networks, applications,
and other devices deployed as well as regular updates to security software, including
encryption for sensitive information, data backups, plans for disposing of files or unused
devices, and training for those with access to a company's network.
3. Detect: This function identifies the tools and resources needed to detect active
cybersecurity attacks, which includes monitoring network access points, user devices,
unauthorized personnel access, and high-risk employee behavior or the use of high-risk
devices.
4. Respond: This function outlines how a company should contain a cybersecurity event, react
using planned responses that mitigate losses, and notify all affected parties.
5. Recover: This function focuses on supporting the restoration of a company's network to
normal operations through repairing equipment, restoring backed up files or environments,
and positioning employees to rebound with the right response.




S1–4 Module 1 National
© Becker InstituteEducation
Professional of Standards and Technology
Corporation. Frameworks
All rights reserved.

Les avantages d'acheter des résumés chez Stuvia:

Qualité garantie par les avis des clients

Qualité garantie par les avis des clients

Les clients de Stuvia ont évalués plus de 700 000 résumés. C'est comme ça que vous savez que vous achetez les meilleurs documents.

L’achat facile et rapide

L’achat facile et rapide

Vous pouvez payer rapidement avec iDeal, carte de crédit ou Stuvia-crédit pour les résumés. Il n'y a pas d'adhésion nécessaire.

Focus sur l’essentiel

Focus sur l’essentiel

Vos camarades écrivent eux-mêmes les notes d’étude, c’est pourquoi les documents sont toujours fiables et à jour. Cela garantit que vous arrivez rapidement au coeur du matériel.

Foire aux questions

Qu'est-ce que j'obtiens en achetant ce document ?

Vous obtenez un PDF, disponible immédiatement après votre achat. Le document acheté est accessible à tout moment, n'importe où et indéfiniment via votre profil.

Garantie de remboursement : comment ça marche ?

Notre garantie de satisfaction garantit que vous trouverez toujours un document d'étude qui vous convient. Vous remplissez un formulaire et notre équipe du service client s'occupe du reste.

Auprès de qui est-ce que j'achète ce résumé ?

Stuvia est une place de marché. Alors, vous n'achetez donc pas ce document chez nous, mais auprès du vendeur ACTUALSTUDY. Stuvia facilite les paiements au vendeur.

Est-ce que j'aurai un abonnement?

Non, vous n'achetez ce résumé que pour €7,87. Vous n'êtes lié à rien après votre achat.

Peut-on faire confiance à Stuvia ?

4.6 étoiles sur Google & Trustpilot (+1000 avis)

66579 résumés ont été vendus ces 30 derniers jours

Fondée en 2010, la référence pour acheter des résumés depuis déjà 14 ans

Commencez à vendre!
€7,87
  • (0)
  Ajouter