Information Security
About Information Security
Information security refers to the processes and methodologies that are designed and implemented to protect print, electronic, or any other form of confidential, private, and sensitive information or data from unauthorized access, use, misuse, disclosure, destruction, modification, or disruption.
Information Security programs are built around 3 objectives, commonly known as CIA – Confidentiality, Integrity, and Availability.
• Confidentiality – means information is not disclosed to unauthorized individuals, entities and processes. For example, suppose I have a password for my Gmail account and someone sees it while I am logging in to that account. In that case, my password has been compromised and confidentiality has been breached.
• Integrity – means maintaining the accuracy and completeness of data. This means data cannot be edited in an unauthorized way. For example, if an employee leaves an organization, the data for that employee in all departments, such as accounts, should be updated to reflect the status JOB LEFT so that the data is complete and accurate. In addition, only authorized persons should be allowed to edit employee data.
• Availability – means information must be available when needed. For example, if one needs to access information about a particular employee, that requires collaboration from different organizational teams such as network operations, development operations, incident response, and policy/change management.
Why is Information Security important?
Information security performs four important roles:
• It protects the organization’s ability to function.
• It enables the safe operation of applications implemented on the organization’s IT systems.
• It protects the data the organization collects and uses.
• It safeguards the technology the organization uses.
Who should take the Information Security Exam?
• IT security or audit professionals
• Entrepreneurs
• Anyone who wants to assess their information security skills
• IT managers and senior executives
• IT consultants
Information Security Certification Course Outline
1. Information Security Basics
2. Cryptography
3. Footprinting
4. Social Engineering
5. Physical Security
6. Network Scanning and Enumeration
7. Network Attacks
8. Wireless Networks
9. System Hacking