Samenvatting

Samenvatting Information Management Standards

1 keer verkocht

Instelling
Saxion Hogeschool (Saxion)

Ik heb de Makri handouts gebruikt voor het samenvatten van de gegeven leerdoelen per week. Hierbij heb ik overbodige (althans, in de zin van het tentamen overbodig....) informatie weggelaten en de essentiele punten overgenomen. Gezien ik de leerdoelen heb gebruikt omvat de samenvatting alle informa...

[Meer zien]

Voorbeeld 2 van de 15 pagina's

Bekijk voorbeeld

Geupload op 4 juli 2021
Aantal pagina's 15
Geschreven in 2020/2021
Type Samenvatting

standardization
standard
security model
information security
informatiosecurity
infosec
security concepts
security oeprations
resource protection
incident response
incident
employ resource protection

Volgen

securitytopper Lid sinds 5 jaar 80 documenten verkocht

€5,49

In winkelwagen

Opslaan

100% tevredenheidsgarantie
Direct beschikbaar na je betaling
Lees online óf als PDF
Geen vaste maandelijkse kosten

Information Management
Standards exam preparation
 Define standard and standardization and explain their important in today’s international
environment
 Name and describe the most prevalent information security standards and information
security models
 Implement security governance in a corporate environment based on good practice
 Understand and be able to apply standard concepts and principles that security operations
should follow
 Describe the main elements of resource protection and employ resource protection in a
corporate environment
 Manage incident response
 Name, describe and decide on preventative measures against attacks

Week 1 Information Management Standards
 Define what a standard is and what is standardization
 Explain the importance of standardization nowadays
 Give a short description of the TCSEC and name tis fundamental objectives and requirements
 Describe the security mechanisms that are applied through the different TCSEC levels.
 Give a short description of ITSEC
 Name and describe the key concepts introduced by the Common Criteria
 Name the main areas of concern of the ISO 27001:2013 standard
 Describe the PDCA cycle introduced by the ISO 27001:2005 standard
 Name and explain the principles of COBIT 5
 Describe BiSL
 Name the rules of the Bell-LaPadula, Biba, and Chinese Wall security models
 Describe the four main entities of the Clark-Wilson integrity model

Week 2 Information Security Governance
 Apply security governance in a given setting
 Name and apply the main suggestions by ITGI (IT Governance Institute) concerning security
 Name and describe the organizational processes that impact security
 Explain the concerns of the security professionals when the aforementioned organizational
processes occur
 Describe the various users’ roles within the context of the organization and their security
responsibilities
 Name the main benefits from establishing clear and unambiguous security roles
 Explain the relationship between legislative and regulatory compliance with the security
professional
 Understand when privacy requirements compliance is desired and name the control
frameworks that support meeting these requirements
 Explain what is due care and what due diligence

Week 3 Security Operations Concepts
 Name and describe the key themes related to the concepts of Security Operations

,  Explain which are the main processes and procedures, where Security Operations plays a
vital role
 Understand how security operations are controlling privileged accounts, and explain what is
identity management and access management
 Describe the need-to-know concept
 Describe the least privilege concept
 Explain the notion of Role Based Access Control (RBAC)
 Name and describe the different types of privileged user accounts
 Explain the principle of Separation of Duties and how it can be applied in practice when
assigning responsibilities in a corporate environment
 Describe what is a clearance and what is its relation to background checks
 Explain what is Job Rotation and which purposes it serves in a corporate environment
 Name the different stages of the sensitive information lifecycle
 Define declassification

Week 4 Employ Resource Protection
 Discern between tangible and intangible assets, and identify combinations thereof
 Critically examine whether a physical or non-physical asset needs to be protected and to
which extend
 Name the main facilities systems and controls that support the IT operation
 Explain how and why hardware should be physically protected
 Name and describe the main protection measure for storage media
 Explain what is software licensing and what is its relevance to security in a corporate
environment
 Name the most important elements of a secure removable media solution
 Explain the difference between backups and archives
 Describe the security related considerations concerning backups and archives
 Explain what makes media disposal important, and name the three main means of media
disposal or reuse
 Describe the equipment lifecycle and the relation of each phase to security

Week 5 Manage Incident Response
 Define the term Incident Response Management
 Name the key actors in an incident management program and their characteristics, that
make the program successful
 Identify the relation between the incident management process and measurements, metrics,
and reporting
 Determine the measures that are important in a given incident scenario, so as to facilitate
successful security operations
 Name and describe the most prevalent boundary controls and detection mechanisms
 Identify the advantages and disadvantages of each detection approach and decide on the
most adequate mechanisms in a given setting
 Name the most important aspects of Incidence Response and devise a step-by-step
procedure of response in a given scenario
 Identify and answer all the questions relevant to the incident reporting procedure, that
should be included in the formal policies or procedures of an organization
 Explain what is the added value of reviews and audits for an organization
Week 6 Preventative Measures against Attacks
 Name and describe the common threats against the CIA (Confidentiality, Integrity,
Availability) triad of security requirements

Dit zijn jouw voordelen als je samenvattingen koopt bij Stuvia:

Bewezen kwaliteit door reviews

Studenten hebben al meer dan 850.000 samenvattingen beoordeeld. Zo weet jij zeker dat je de beste keuze maakt!

In een paar klikken geregeld

Geen gedoe — betaal gewoon eenmalig met iDeal, creditcard of je Stuvia-tegoed en je bent klaar. Geen abonnement nodig.

Direct to-the-point

Studenten maken samenvattingen voor studenten. Dat betekent: actuele inhoud waar jij écht wat aan hebt. Geen overbodige details!

Veelgestelde vragen

Wat krijg ik als ik dit document koop?

Je krijgt een PDF, die direct beschikbaar is na je aankoop. Het gekochte document is altijd, overal en oneindig toegankelijk via je profiel.

Tevredenheidsgarantie: hoe werkt dat?

Onze tevredenheidsgarantie zorgt ervoor dat je altijd een studiedocument vindt dat goed bij je past. Je vult een formulier in en onze klantenservice regelt de rest.

Van wie koop ik deze samenvatting?

Stuvia is een marktplaats, je koop dit document dus niet van ons, maar van verkoper securitytopper. Stuvia faciliteert de betaling aan de verkoper.

Zit ik meteen vast aan een abonnement?

Nee, je koopt alleen deze samenvatting voor €5,49. Je zit daarna nergens aan vast.

Is Stuvia te vertrouwen?

4,6 sterren op Google & Trustpilot (+1000 reviews)

Afgelopen 30 dagen zijn er 65049 samenvattingen verkocht

Opgericht in 2010, al 15 jaar dé plek om samenvattingen te kopen

Begin nu gratis

Samenvatting

Samenvatting Information Management Standards

Document informatie

Onderwerpen

Geschreven voor

Verkoper

Ontvangen beoordelingen

Voorbeeld van de inhoud