What is the objective of the planning and risk assessment domain of the maintenance model?
Presentation on theme: "Information Security Maintenance"— Presentation transcript: 1 Information Security Maintenance Show
2 Topic Objectives The need for ongoing system maintenance 3 4
Need for Ongoing Maintenance
5 System Management and Maintenance Models 6 Modified ISO Network Management Model 7 ISO Model - Fault Management 8 ISO Model - Configuration and Change Management
9 ISO Model - Technical Configuration and Change Management
10 ISO Model - Accounting and Auditing Management 11 ISO Model - Performance Management 12 ISO Model - Security Program Management 13 Information Security Maintenance Model 14 Maintenance Model
15 Maintenance Model - Monitoring the External Environment 16 External Monitoring
17 ISM Model - Monitoring the Internal Environment
18 Internal Monitoring 19 ISM Model - IT Governance 20 ISM Model - Planning and Risk Assessment 21 Planning and Risk Assessment
22 ISM Model - Vulnerability Assessment and Remediation
23 Vulnerability Assessment Process 24 ISM Model - Remediating
Vulnerabilities
25 ISM Model - Readiness and Review 26
Readiness and Review 27 Digital Forensics Digital forensics Evidentiary material (EM)
28 Digital Forensics (continued)
29 Summary Maintenance of information security program is essential What are the five domains of the General information security Maintenance Model?The five domains of the security maintenance model are external monitoring, planning and risk assessment, internal monitoring, readiness and review, and vulnerability assessment and remediation.
What is the primary objective of the readiness and review domain of the maintenance model?The primary goal of the readiness and review domain is to keep the information security program functioning as designed and to keep it continuously improving over time.
What is the primary goal of the vulnerability assessment and remediation?Vulnerability assessment—also called vulnerability analysis—is a process that identifies, quantifies and analyzes security weaknesses in IT infrastructure. The VA's primary goal is to unearth any vulnerabilities that can compromise the organization's overall security and operations.
What are the three primary aspects of information security risk management?The CIA triad refers to an information security model made up of the three main components: confidentiality, integrity and availability.
|