목차

1. How can a security framework assist in the design and implementation of a security infrastructure? What is information security governance? Who in the organization should plan for it?
2. What are the differences between a policy, a standard, and a practice? What are the three types of security policies? Where would each be used? What type of policy would be needed to guide use of the Web? E-mail? Office equipment for personal use?
3. What is contingency planning? How is it different from routine management planning? What are the components of contingency planning?
4. When is the IR plan used?
5. When is the DR plan used?
6. When is the BC plan used? How do you determine when to use the IR, DR, and BC plans?
7. What are the five elements of a business impact analysis?
8. What are Pipkin’s three categories of incident indicators?
9. What is containment, and why is it part of the planning process?
10. What is computer forensics? When are the results of computer forensics used?
11. What is an after-action review? When is it performed? Why is it done?

본문내용

1. How can a security framework assist in the design and implementation of a security infrastructure? What is information security governance? Who in the organization should plan for it?
보안 프레임워크는 조직의 보안을 효과적으로 구현하기 위해 수행해야 할 단계에 대한 개요를 제공할 수 있습니다. 거버넌스는 이사회와 경영진이 시행하는 일련의 책임과 실천 요강으로, 전략적 방향 제공을 목적으로 위험이 적절히 관리되고 기업 리소스가 책임감 있게 사용되고 있음을 확인합니다. 전략적 방향을 제시하고, 목표 달성을 보장하고, 위협 위험을 적절히 관리하고, 정보 보안 기능에 대한 책임 있는 자원 활용을 검증하는 것은 경영진의 책임입니다.

참고 자료

없음