PSIT - IT Security & Management PDF


Gicar, Redel John D.

BSIT - 4A
PSIT III – IT SECURITY & MANAGEMENT

1. Consider a small e-business enterprise with its Web site hosted at a secure ISP
company. Customers buy online on the company Web site. Assume that the
enterprise has a computing environment consisting of two LANs: a private LAN for
the administration of the computing environment and a public LAN for employees.
How can you best devise a security program based on the concepts you learned in
this lesson?

My best plan is to encrypt all the data of every customer so that only they are allowed to
access it. Securing the computing environment is also needed. A private LAN for Admin and
Employees is also good, but the LAN for the Admin should be connected to the
employees' LAN in order to monitor the work of the employees in that company.

2. Explain, your own way, why a goal-driven security model such as the CIA triad is
not sufficient to achieve enterprise security. Give a counterexample to support
your answer.

The CIA Triad is not sufficient to achieve enterprise security because if you're not
knowledgeable about it and don't have a proper implementation, there is a tendency that
your customers' data or information will be disclosed.
For example: visiting a malicious website that asks for any personal information you
have; by giving it, you're helping a hacker access your personal accounts (bank
account, social media account).

3. Explain, using a simple example, how the security star works.

The security star works through the interaction of all its components to achieve the security
objectives.

4. Give an example of a security policy for managing a password.

Password Audit Policy – allows you to track all password changes.

5. Explain, in your own way, the importance of the information security.

The importance of information security is to prevent the leakage of any form of data,
files and other information that could lead to hacking or corrupting activities.

6. Provide alternative definitions for noise, data, information, and knowledge.

Noise – unknown code system
Data – known code system
Information – generating both cognition and surprise
Knowledge – accepted facts, principles, or rules of thumb that are useful for specific
domains.
