Professional Documents
Culture Documents
Abdisalam Issa-Salwe
Taibah University
Information Systems
College of Computer Science & Engineering
Topic list
About Control
Security/Threats and risk
Intrusion Prevention
Contingency planning
Building control into an information
system
Privacy and data protection
Internal vs External Threat
About control
Security in information
management context means the
protection of data from accidental
or deliberate threats which might
cause:
unauthorised modification,
disclosure or destruction of data, and
the protection of the information system
from the degradation or non-availability
of services
Control/Security
Backups
Recovery
Intrusion Prevention
Prevention is the best possible cure
Firewalls
Anti-virus
Content scanning
Security patches
Emerging intrusion prevention
systems
User awareness
10
Contingency planning
Potential threats
Emergency situations or natural events
Organized or deliberate malicious actions
Internal accidents, carelessness, or ignorance
Malicious code (virus, worms, spyware, malware)
Loss of utilities or services
Equipment or systems failure
Serious information security events
Security vulnerabilities
Unsecured accounts
Unpatched systems
Insecure configurations
Network perimeter weaknesses
Inappropriate trust models
Untrained users and administrators
11
12
13
14
15
16
17
18
19
20
10
21
22
11
23
24
12
25
26
13
27
28
14
29
30
15
31
32
16
33
34
17
35
36
18
37
38
19
39
Privacy:
The right of the individual to
control the use of information
about him or her, including
information on financial status,
health and lifestyle (i.e. prevent
unauthorised disclosure).
40
20
41
42
21
43
44
22
45
46
23
About virus
47
48
24
49
Type of virus/program
50
25
51
52
26
53
Tutorial Question
Information system management and
security on the Internet
Discuss
54
27
Reference
55
28