Information Systems Evaluation
Autor: moto • September 27, 2012 • Essay • 2,146 Words (9 Pages) • 3,026 Views
1. Identify and define three objectives that are key to achieving effective security architecture.
The key to achieving effective data security architecture relies in an organization's efforts to maintain the confidentiality, integrity, and availability of its environment.
Confidentiality
Confidentiality refers to the efforts taken through policy, procedure, and design in order to create and maintain the privacy and discretion of information and systems.
Integrity
Integrity refers to the efforts taken through policy, procedure, and design in order to create and maintain reliable, consistent, and complete information and systems.
Availability
Availability refers to the efforts taken through policy, procedures, and design to maintain the accessibility of resources on a network or within a database. These resources include, but are not limited to, data, applications, other databases, computers, servers, applications, files, drives, shares, and network access
2. List six common errors that users make on a network. Give examples of each
Here is a list of the most common errors made by users on a network:
Poor habits—leaving computers unlocked and unattended while using the restroom, attending meetings, going to lunch, or visiting colleagues.
Password error—choosing easy-to-guess passwords; writing passwords down on sticky notes or in notebooks and storing them in plain sight on desks, under keyboards, or on top of monitors.
Disregard for company policy—visiting unauthorized Web sites and downloading unauthorized software in the process; attaching unauthorized equipment to their PCs, like USB (Universal Serial Bus) devices and external hard drives; logging into the company remotely using unapproved personal laptops and computers.
Opening unknown e-mails—viewing risky attachments containing games, greeting cards, pictures, and macro files.
Inappropriate disclosure—giving out information over the phone and falling prey to social engineering.
Procrastination—failing to report computer or network issues in a timely manner
3. Explain the multi-layered nature of security.
Deploying multiple layers of security within critical database environments is the most effective approach to minimizing the risk of a data breach. It is quite a simple concept to comprehend: if multiple layers of security are applied to a data storage environment, then intruders will have a more difficult time accessing the data.
...