
1. What is information security? 2. How is the CNSS model of information securit


Question

1. What is information security?
2. How is the CNSS model of information security organized?
3. What three principles are used to define the C.I.A. triangle? Define each in the context in which it is used in information security.
4. What is a threat in the context of information security?
5. What is an asset in the context of information security?
6. What is a vulnerability in the context of information security?
7. What is risk management?
8. What are the component parts of risk management?
9. Who is expected to be engaged in risk management activities in most organizations?
10. What are the basic strategies used to control risk? Define each.
11. What is a contingency plan?
12. List and describe the four subordinate functions of a contingency plan.
13. In general terms, what is policy?
14. What is the enterprise information security policy, and how is it used?
15. Why is shaping policy considered difficult?
16. What are standards? How are they different from policy?
17. What is an issue-specific security policy?
18. List the critical areas covered in an issue-specific security policy.
19. What is a systems-specific security policy?
20. When is a systems-specific security policy used?

Explanation / Answer

Please Note: As per Chegg Answering Guidelines, I am supposed to answer the first question. I have answered the first 4 questions below. Please Re-Post for Answers to the rest of the Questions.

1. What is information security?

Information security is the process and the practice of preventing unauthorized access to, use of, or destruction in any form of any object by unauthorized parties, and the recording, inspection or leaking of data by unauthorized users. Information security means securing the information contained.

Information security is a necessary feature of cyber security. Everything on the internet is unsecured, and thus securing the data and private information on the Internet is a huge task. Cyber security poses threats when attacks happen to reveal the secure and private information of individuals, companies and governments. Threats on the Internet are of many types, and the 2 types of threats mainly target 2 things -- money and data. So securing data is as important as securing money, as data on the Internet is as valuable as money. The threats are controlled and attacked by the attackers, who pose a threat to the people and do damage and data leakage from websites containing the users' personal information and other sensitive information.

2. How is the CNSS model of information security organized?

The Committee on National Security Systems (CNSS) Security Model is an information security model used for the best practices to develop a secure system. It is organized using the McCumber Cube, where each of the 27 cells in the cube represents an area which must be taken care of to secure an information system. Thus the cube forms the needs whose intersections have to be implemented.

3. 3 principles used to define the C.I.A. triangle:

The 3 principles of security used to define the C.I.A. triangle are: Confidentiality, Integrity and Availability. These 3 principles form the base of the cyber security mechanism of wired and wireless systems and are the basic steps of security, based on which many modifications and enhancements have been done to improve the above 3 principles. The above 3 principles should be the baseline of any system which is or has to be secured, i.e., the secured system has to implement Confidentiality, Integrity and Availability. The simple theory about the 3 principles is as follows:

Confidentiality - Confidentiality means the level of access that should be given to the person; this principle includes access control, password protections, the access required for an employee or an admin, etc. Thus this principle sees to it that only authorized users can see only what they need to and not all of the information.

Integrity - This principle presses on the fact that the integrity of the data and the system should be maintained at all times when in operation, and also that the integrity should be maintained when there is any change or modification of the data.

Availability - This principle stresses the fact that the information, the service or the system, whichever it is, should always be accessible and available for use to the authorized user at all times.

4. What is a threat in the context of information security?

As mentioned, we already know that information security means protecting us from malicious attacks, hackers and malicious users, and from malicious activities on the computers and devices. A threat in the context of information security means something or an event which has the potential to harm the computer system or the network of systems. A threat may or may not be executed, but it has the potential to cause serious damage, which can lead to attacks on the computers, networks and many other forms.