*Need 200 words for all 6 questions in total with some websites for resources*
Answer:
Discuss and Describe the CIA Triad
Confidentiality, Integrity, Availability
What are the requirements to hold a person accountable for their actions of their user account?
Auditing and Non-Repudiation
Describe the benefits of Change Control Management
Changes to systems are fully documented and approved, and contain change plans and backout plans, so all changes made to a baseline are documented in a controlled fashion.
What are the seven major steps or phases in the implementation of a classification scheme?
1. Identify the custodian and define their responsibilities.
2. Specify the evaluation criteria of how the information will be classified and labeled.
3. Classify and label each resource.
4. Document any expectations to the classification policy that are discovered.
5. Select the security controls that will be applied to each classification level to provide the necessary level of protection.
6. Specify the procedures for declassifying resources and the procedures for transferring custody of a resource to an external entity.
7. Create an enterprise-wide awareness program to instruct all personnel about the classification system.
What are the 6 primary security roles as defined by ISC2?
1. Senior Manager
2. Security Professional
3. Data Owner
4. Data Custodian
5. User
6. Auditor