1) Answer:-
The bank works towards ISO certification because it satisfies some
requirements.
They are:-
1) Need for fulfilling regulatory requirements
2) Need for sustaining and improving market faith
3) Sustaining customer confidence
4) Improving service level
5) Reducing transaction time
6) Differentiation from other banks
7) Efficiency improvement
8) Greater customer satisfaction
9) Higher profitability and increased market share
10 reasons for acquiring ISO certification:-
1) Meet customer requirements
2) Get more revenue and business suggestions for new
customers
3) Improve company and product quality
4) Increase customer satisfaction with the products
5) Describe, understand and communicate the company processes
6) Develop a professional culture and better employee
relationship
7) Improve the consistency of operations
8) Focus management of employees
9) Improve efficiency, reduce waste and save money for the
company
10) Achieve international quality recognition
2) Answer:-
ISO/IEC 27002 is a popular, internationally recognized standard of good practice for information security. It is a massive, monolithic standard that covers a broad range of information security controls.
The controls are divided into
1) Organizational controls:- controls involving management and the
organization.
2) Technical controls:- controls that involve or relate to
technologies (cybersecurity).
3) People controls:- controls that involve or relate to
activities, behaviors, roles and their responsibilities.
4) Physical controls:- tangible controls such as locks, and other
types of environmental protection and controls such as fire and
intruder alarms and uninterruptible power supplies (UPS) etc.
5) External party controls:- controls that involve or relate to
parties that are outside the scope of an ISMS (examples:-
contracted cloud services, service level agreements, legal and
regulatory obligations, privacy policies and other obligations to
customers etc).
And some other alternative suppliers/sources of necessary
information services, as well as data backups (example:- online or
offline).
3) Answer
Yes, we can use the NIST Cybersecurity model and any other tools
related to the proper working of the organization.
The five elements of NIST cybersecurity framework:-
1) Identify
2) Protect
3) Detect
4) Respond
5) Recover
The above 5 elements are related to the functions of the core
framework.
3 parts of NIST cybersecurity framework:-
1) Functions
2) Categories
3) Subcategories
Top 4 cybersecurity frameworks:-
1) PCI DSS (47%)
2) ISO 27001/27002 (35%)
3) CIS Critical Security Controls (32%)
4) NIST Framework for Improving Critical Infrastructure Security
(29%)
The NIST framework also follows the CIA triad for better
security concepts.
1) CIA means Confidentiality, Integrity and Availability
# Confidentiality:- It is a set of rules that limits access to
the secured information.
# Integrity:- It is the assurance that the information is
trustworthy, reliable and accurate.
# Availability:- It is a guarantee of reliable access to the
information for authorized people only, not for unauthorized
people.
Framework implemented in 5 steps:-
1) Select target goals
2) Create detailed profile
3) Assess current position
4) Analyze gaps and identify necessary actions
5) Implement action plan
Elements of cybersecurity:-
1) Information security
2) Application security
3) Disaster recovery
4) Network security
5) End user education
6) Operational security
4) Answer
By accepting this policy, you also agree that the Company can use
your personal information to contact you for marketing
purposes.
By sending the emails
By the help of cookies and log files
By the help of third party cookies
Links and external websites
By the help of advertisements
By the help of social media links
5) Answer
Other criteria should be followed to maintain the security policy
of the regional banks:-
1) Completed and assured transaction
2) Proper notifications
3) A well-managed password:- should be well defined and
strong.
4) Browser requirements and proper interfaces.
5) Cookie information:- erase it from internal storage for security
purposes.
6) Install the security upgrades for your system or device and keep
them up to date.
7) Install recognised third-party antivirus software.
8) Make daily backups of your important files.
9) Never leave your computer unattended or unlocked.
10) Install a personal firewall or proper system security
requirements.
11) Make sure the hard disk and the printer of your personal system
are not in shared mode.
12) Avoid unnecessary links or images (to avoid phishing
attacks).
13) Use backup devices and other power supplies for your data
privacy.
14) Don't connect to the internet unnecessarily.
15) You should always log out of every login
session.
I hope you will like the answer.