Question 1: What is information security?
Answer: Information security is the practice of defending (guiding) information by considering the CIA Triad principles, which are Confidentiality (authorized access), Integrity (accuracy and completeness) and Availability.
Question 2: How is the CNSS model of information security organized?
Answer: The Committee on National Security Systems (CNSS) model is organized around the secure-system attributes known as the CIA triangle, and it extends the relationship among the three attributes along the axes shown in the diagram below. It ends up as a 3×3×3 cube with 27 cells. Each cell represents an area of intersection among these three dimensions that must be addressed to secure an information system. The CNSS model is also known as the McCumber Cube.
Question 3: What three principles are used to define the C.I.A. triangle? Define each in the context in which it is used in information security.
Answer: The three principles of the C.I.A. triangle are Confidentiality, Integrity and Availability.
In the context of information security, they are used in the following ways:
Confidentiality: Access controls help ensure that only authorized subjects can access objects. When unauthorized entities are able to access systems or data, it results in a loss of confidentiality.
Integrity: Integrity maintains the consistency, accuracy and trustworthiness of data over its entire lifecycle.
Availability: Authorized requests for objects must be granted to subjects within a reasonable amount of
A number of different models have been proposed as frameworks for information security, but one of the best is the McCumber model, which was designed by John McCumber. In this model the elements to be studied are organized in a cube structure, in which each axis represents a different viewpoint on an information security issue, and there are three major modules on each axis. With its 27 little cubes organized together, the model looks like a Rubik's cube. The cube has three axes: goals desired, information states, and measures to be taken. At the intersection of the three axes you can examine an information security problem from all angles.
1.1 Security Categorization: Using either FIPS 199 or CNSS 1253, categorize the information system. The completed categorization should be included in the security plan.
(TCO 6) Many believe that the most important physical security control is _____. (Points : 5)
Information security is the protection of information against accidental or malicious disclosure, modification or destruction. Information is an important, valuable asset of IDI which must be managed with care. All information has a value to IDI. However, not all of this information has an equal value or requires the same level
If you don’t have the answers to some of the questions pointed out above, I believe there is a need to carry out a redesign of the authorizations within your system.
Access control refers to the mechanisms that identify who can and cannot access a network, resource, application, or specific action.
Due in Week Seven: Outline the Access Control Policy. Describe how access control methodologies work to secure information systems
Integrity means allowing only authorized subjects (person, process, or program) to modify or fabricate the object (data item); confidentiality means allowing only authorized subjects to view or access the object.
The major security principles are integrity, reliability and confidentiality. These three principles present a platform for establishing and applying industrial business security principles for the prevention and protection of IT structures. The three security principles are the foundation of a coherent ISMS framework as they offer a guideline for its growth.
The CIA triad of confidentiality, integrity, and availability is at the heart of information security (Perrin, 2012). The pillars of the CIA Triad provide a significant foundation of security in an information system. The decisions and implementations of each of these pillars will impact the overall security posture. Pillars are incremental so an increase or decrease in implementation of a given pillar will have a cumulative effect.
Select one of the three characteristics of information security (CIA) and explain its importance as related to the development of policy, education, OR technology.
16. What is the relationship between the MULTICS project and the early development of computer security?
14. How can the practice of information security be described as both an art and a science? How does security
The guiding security principles in the scenario are geared to protect its assets. The of its assets are information and data. The CIA triad of Confidentiality, Integrity and Availability which is the pinnacle of information security must always be considered when protecting these invaluable assets.
Availability: Ensuring that systems and data are accessible to authorized users when they need it.