Presentation is loading. Please wait.

Presentation is loading. Please wait.

 Controls that provide security against internal and external threats  2 Types of access controls: › Physical controls › Logical controls.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: " Controls that provide security against internal and external threats  2 Types of access controls: › Physical controls › Logical controls."— Presentation transcript:

1

2  Controls that provide security against internal and external threats  2 Types of access controls: › Physical controls › Logical controls

3  Buildings including their power and security  Technology centers  Telecommunication rooms (switches, hubs, routers)  Customer documentation  Audit files  Inventory

4  Biometric devices  Security guards  Locks and keys  Surveillance  Alarm system

5  Servers and their operating systems  Network systems  Database systems or file systems  Users Applications  Communication systems  Online Reports  Audit logs

6  Firewalls  Encryption  Passwords  Authentication system

7 Level of protection Level of Risk

8

9  Risk assessment  Test of controls  Analysis  Feedback

10  Size of the system  Complexity  Local vs. Remote  Wireless Technologies  Shared files and databases  Changes to infrastructure

11  Penetration tests  Monitor controls  Review controls

12

13  Number of external intrusion attempts  Number of internal unauthorized attempts  Number of security incidents caused by unauthorized access  Number of entitlement reviews not in compliance

14  www.questbiometrics.com, 2005. “Biometrics solutions; Classification of Biometric Technologies based on physical traits.” www.questbiometrics.com  Participating with Safety Briefing no. 3 “Passwords & Access Controls”, March 2002. Paul Mobbs, Association for Progressive Communications.  Access Controls, www.wikipedia.orgwww.wikipedia.org  Singleton, Tommie W. “What every IT Auditor should know about Access Controls. Information systems Control Journal. Volume 4. 2008  Muthukrishan Ravi. G38 Access Controls ISACA. www.isaca.org. February 1, 2008.www.isaca.org

Download ppt " Controls that provide security against internal and external threats  2 Types of access controls: › Physical controls › Logical controls."

Similar presentations

To ensure quality instruction and educational success, NVC Information Technology is committed to delivering high quality technical leadership, resources,

To ensure quality instruction and educational success, NVC Information Technology is committed to delivering high quality technical leadership, resources,
Point Protection 111. Check List AAA to the Network Devices Controlling Packets Destined to the Network Devices Config Audits.

Point Protection 111. Check List AAA to the Network Devices Controlling Packets Destined to the Network Devices Config Audits.
4 Information Security.

4 Information Security.
Protection of personal mobile computer devices Information Security Isaac Fernandes, mci12009 Sofia Nunes, mci12014.

Protection of personal mobile computer devices Information Security Isaac Fernandes, mci12009 Sofia Nunes, mci12014.
Managing A Secure Infrastructure – Tales From the Trenches November 6, 2003.

Managing A Secure Infrastructure – Tales From the Trenches November 6, 2003.
The Islamic University of Gaza

The Islamic University of Gaza
Security Controls – What Works

Security Controls – What Works
Information Security Policies and Standards

Information Security Policies and Standards
Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia

Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia
6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.

6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.
Enterprise security How to bring security transparency into your organization ISSA EDUCATIONAL SESSION Nicklaus Schleicher, VP Support & Customer Service.

Enterprise security How to bring security transparency into your organization ISSA EDUCATIONAL SESSION Nicklaus Schleicher, VP Support & Customer Service.
IS Network and Telecommunications Risks

IS Network and Telecommunications Risks
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
© 2008 Prentice Hall Business Publishing Accounting Information Systems, 11/e Romney/Steinbart1 of 222 C HAPTER 7 Information Systems Controls for Systems.

© 2008 Prentice Hall Business Publishing Accounting Information Systems, 11/e Romney/Steinbart1 of 222 C HAPTER 7 Information Systems Controls for Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.

Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.
Know the Client Own the Problem Share the Solution The 2005 Case for Information Technology Security October 14, 2004.

Know the Client Own the Problem Share the Solution The 2005 Case for Information Technology Security October 14, 2004.
NETWORKS Lauren Hickman Patrick McCamy Morgan Pace Noah Ryder.

NETWORKS Lauren Hickman Patrick McCamy Morgan Pace Noah Ryder.
Chapter 16 AAA. AAA Components  AAA server –Authenticates users accessing a device or network –Authorizes user to perform specific activities –Performs.

Chapter 16 AAA. AAA Components  AAA server –Authenticates users accessing a device or network –Authorizes user to perform specific activities –Performs.
Kevin R Perry August 12, 2014. Part 1: High Level Changes & Clarifications.

Kevin R Perry August 12, Part 1: High Level Changes & Clarifications.

Similar presentations

Ads by Google