BU486 Chapter Notes - Chapter 8: Intrusion Detection System, Physical Security, Indie Built
Document Summary
Trust service framework organizes it related controls into 5 principles: 1. ) Security access to the system and its data is controlled and restricted to legitimate users: 2. ) Confidentiality sensitive organizational information is protected from unauthorized disclosure: 3. ) Privacy personal information about customers, employees, and suppliers are protected: 4. ) Processing integrity data are processed accurately, completely, in a timely manner, and only with proper authorization: 5. ) availability system and its information are available to meet operational and contractual obligations. Understanding targeted attacks: basic steps criminals use to attack, 1. ) Conduct reconnaissance study and conduct research before doing the attack: 2. ) Attempt social engineering try to get someone to let you in or give you the information you need before going through the trouble of breaking in or hacking: 3. ) Scan and map the target if social engineering does not work, you conduct more detailed research: 4. )