Question
Develop a “taxonomy” of DS/IA document. A taxonomy is a way of organizing something on a “group within group” basis. (Remember how the biological taxonomy is structured.) Initially, define data security and information assurance. Secondly, develop an outline of the major “elements” within the discipline of DS/IA.
This assignment serves as a great review for the final exam.
The paper should be of “significant depth,” suitable for a graduate program; that is, the paper should be approximately 5 pages in length. The paper should be free from spelling and grammatical errors.
Additional background: In this taxonomy document you will be outlining and giving an “abstract” of DS/IA. Imagine you need to give a meaningful overview of DS/IA to someone unfamiliar with the field. The taxonomy allows you to “group” major aspects of DS/IA and present it in a meaningful way. Remember the grand idea of abstraction. In this document you will simplify the complex field of DS/IA into a few pages of information.
Explanation / Answer
Data security is protecting data, such as a database, from destructive forces and from the unwanted actions of unauthorized users. Data security means hiding data from, or preventing unauthorized access to data by, any other entity. Data security makes a user secure from any unwanted activity.
Data security is also known as information security (IS) or computer security.
Data security refers to protective digital privacy measures that are applied to prevent unauthorized access to computers, databases and websites.
Information assurance is the practice of assuring information and managing risks related to the use, processing, storage, and transmission of information or data and the systems and processes used for those purposes. Information Assurance (IA) is the process of getting the right information to the right people at the right time.
IA includes protection of integrity.
IA also includes protection of data availability.
IA adds business benefit through the use of Information Risk Management, Trust Management, which increases the utility of information to authorized users and reduces the utility of information to those unauthorized.
IA uses physical, technical and administrative controls to accomplish these tasks. The full range of IA encompasses not only digital but also analog or physical forms.
HOW THE IA PROCESS WORKS:
1) It begins with the enumeration and classification of the information assets to be protected.
2) In the next step, the IA practitioner will perform a risk assessment for those assets.
3) The assessment then considers both the probability and impact of a threat exploiting a vulnerability in an asset, with impact usually measured in terms of cost to the asset's stakeholders. The sum of the products of the threats' impact and the probability of their occurring is the total risk to the information asset.
4) After completion of the steps listed above, the IA practitioner then develops a risk management plan. This plan proposes countermeasures that involve mitigating, eliminating, accepting, or transferring the risks, and considers prevention of threats.
5) There are several standard frameworks, such as Risk IT, CobiT, and PCI DSS, to guide them in developing the risk management plan.
6) Then the risk management plan is implemented and tested. If it needs any other modification, the whole process starts again from step 1.
There are several standards organizations which provide standards for IA, such as the Information Assurance Advisory Council and the Information Assurance Collaboration Group.
Information assurance vulnerability alert (IAVA):
An IAVA is an announcement of a computer application software or operating system vulnerability notification in the form of alerts, bulletins, and technical advisories identified by DoD-CERT.
These selected vulnerabilities are the mandated baseline, or minimum configuration of all hosts residing on the GIG.
PROCESS OF IAVA:
->Identify a system administrator to be the point of contact for each relevant network system,
->Send alert notifications to each point of contact,
->Require confirmation by each point of contact acknowledging receipt of each alert notification,
->Establish a date for the corrective action to be implemented, and enable DISA to confirm whether the correction has been implemented.
DATA SECURITY:
Protection of data from any unwanted or unauthorized access.
There are several techniques for this; some are listed below:
->Disk encryption
->Software versus hardware-based mechanisms for protecting data
->Data backup
->Data masking
::Data Encryption:
Data encryption means sending data in another format which can only be decrypted by an authorized user or receiver.
There are several ways of data encryption, such as synchronized and asynchronized encryption techniques.
In DS, we use disk encryption, in which the whole disk is encrypted so that only a person with enough grant can access that data.
::software versus hardware-based mechanisms for protecting data:
Software-based security solutions encrypt the data to protect it from theft. However, a malicious program or a hacker could corrupt the data in order to make it unrecoverable, making the system unusable. Hardware-based security solutions can prevent read and write access to data and hence offer very strong protection against tampering and unauthorized access.
::Data backup:
Data backup means that when data is lost for any reason, you can restore that data from the backup. Whenever a user feels insecure about data (for example, the data may be lost, or someone may use it for his/her own benefit), the user backs up the data, and when he/she feels secure they can recover it. There are several software products available for data backup.
::data masking:
It is the process of obscuring (masking) specific data within a database table or cell to ensure that data security is maintained and sensitive information is not exposed to unauthorized personnel.
Hiding original data with random characters or data.
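The data masking described in the answer above, as an added example that is not part of the original answer: each letter or digit in a sensitive column is replaced with a random character of the same class, so the masked value keeps its format. The column names, the `POLICY` mapping and the sample rows are constructed for illustration.

```python
import secrets
import string

# Constructed sample rows; every value here is fake.
SAMPLE_ROWS = [
    {"name": "A. Example", "ssn": "123-45-6789",
     "card_number": "4111-1111-1111-1111", "email": "a.example@example.com"},
    {"name": "B. Example", "ssn": None,
     "card_number": "5500 0000 0000 0004", "email": "b@example.org"},
]

# Hypothetical policy: column name -> trailing letters/digits left readable.
POLICY = {"ssn": 4, "card_number": 4, "email": 0}


def mask_value(value, keep_last=0):
    """Swap each letter/digit for a random one of the same class.

    Separators are kept so the masked value still fits the column format.
    """
    if value is None:          # NULL stays NULL
        return None
    text = str(value)
    to_mask = max(sum(ch.isalnum() for ch in text) - keep_last, 0)
    out, seen = [], 0
    for ch in text:
        if not ch.isalnum():   # keep separators such as '-', ' ', '@', '.'
            out.append(ch)
            continue
        seen += 1
        if seen > to_mask:     # inside the readable tail
            out.append(ch)
        elif ch.isdigit():
            out.append(secrets.choice(string.digits))
        elif ch.isupper():
            out.append(secrets.choice(string.ascii_uppercase))
        else:
            out.append(secrets.choice(string.ascii_lowercase))
    return "".join(out)


def mask_rows(rows, policy):
    """Return masked copies of rows; the input rows are not modified."""
    return [{col: mask_value(val, policy[col]) if col in policy else val
             for col, val in row.items()} for row in rows]


if __name__ == "__main__":
    for row in mask_rows(SAMPLE_ROWS, POLICY):
        print(row)
```

Because the replacement is random, the same input masks to a different value each time, so masked columns cannot be used to join tables and the original cannot be recovered from the masked copy.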