Your Ad Here

Sunday, May 18, 2008

CISA and CISSP Information

Below are some security information that will help you in the CISA and CISSP certifications

Understanding the Threat
  • Protecting information assets is a significant challenge for IT Security Professionals
  • To protect information assets IT Security Professionals must use:
  1. Administrative Controls
  2. Physical Controls
  3. Technical ControlsReasons for Security Issues
• Technology Weaknesses
o Each network & computing technology has inherent security problems.
• Configuration Weaknesses
o Even the most secure technology can be misconfigured exposing security problems.
• Policy Weaknesses
o A poorly defined, implemented or managed security policy can make the best security infrastructure open for abuse.

Security Definitions
• Threats
o A threat is any potential danger to information or systems

• Vulnerabilities
o A vulnerability is a software, hardware or procedural weakness that may provide an attacker a way to access information or systems.

• Attacks
o An attack is a technique used to exploit a vulnerability.

No comments: