Monday , September 24 2018

Classic Layout

MOBILE DEVICE ATTACKS

MOBILE DEVICE ATTACKS

A recent information security challenges is the number of mobile devices ranging from USB flash drives to laptops that are infected with malware outside of a security perimeter, and then carried into an organization. Traditional network based protection, such as the firewalls and intrusion detection systems, are powerless to prevent …

Read More »
DATABASE SECURITY

DATABASE SECURITY

Database present unique security challenges. The sheer amount of data that may be housed in a database which requires the special security consideration. As we will see shortly in the “Inference and aggregation” section, the logical connections database users may lead to inference and aggregation attacks, requiring database security precautions …

Read More »
SYSTEM VULNERABILITIES, THREATS, AND COUNTERMEASURES

SYSTEM VULNERABILITIES, THREATS, AND COUNTERMEASURES

System threats, vulnerabilities, and countermeasures describe security architecture and design vulnerabilities, as well as the corresponding exploits that may compromise system security. We will discuss countermeasures, or the mitigating actions of that to reduce the associated risk. COVERT CHANNELS A covert channel is any communication that violates security policy. The …

Read More »
Information Security Governance

Information Security Governance

Information security governance is the information security in the organizational level, which includes senior management, policies, processes, and staffing. It is also the organizational priority provided by the senior leadership, which is required for a successful information security program.   Security Policy and Related Documents Documents such as policies and …

Read More »

Legal and Regulatory Issues

Though general understanding of the major legal systems and their types of law is really essential, it is critical that information security professionals understand the concepts described in the next section. Of course with the ubiquity of information systems, data and applications comes a host of legal issues that require …

Read More »