
IT Security Career Paths and Certifications

with Marc Menninger

An Overview of Key IT Security Concepts

CIA

• Confidentiality: keeping secret information secret
• Integrity: protecting information from being changed or damaged
• Availability: ensuring information is available when needed

[Figure: the CIA triangle, with Confidentiality, Integrity, and Availability around Information Security]

Best Practices
These are methodologies generally recognized to achieve strong security within an organization. To get a
better understanding of security best practices, start by studying these security frameworks:

• CIS CSC
https://www.cisecurity.org/critical-controls.cfm
• NIST SP 800-53
http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf
• PCI DSS
https://www.pcisecuritystandards.org/document_library?category=pcidss&document=pci_dss
• ISO/IEC 27001/27002
http://www.iso.org/iso/catalogue_detail?csnumber=54534
http://www.iso.org/iso/catalogue_detail?csnumber=54533

Defense in Depth
Defense in depth means having many lines of defense to protect against any one form of attack.

Policies, Standards, Procedures, and Guidelines


• Policies: general statements from management about security rules that need to be followed
• Standards: specific mandatory security controls
• Procedures: step-by-step instructions for implementing the standards and policies
• Guidelines: recommended actions to follow
