ISYS104 Lecture Notes - Lecture 12: Information Security Management, Disaster Recovery, Network Tap
Document Summary
What are the sources and types of security threats. What are the elements of a security program. How can technical safeguards protect against security threats. How can data safeguards protect against security threats. How can human safeguards protect against security threats. How should organisations respond to security incident. Fires, floods, cyclones, earthquakes, tsunamis, avalanches, tornados. Loss of sales and services, purchase and payment data, software and hardware. Cost of replacing and recovering data, reconstructing facilities, lost customers, lawsuits/legal costs. Posting private information in a public place. Pretexting: pretending to be someone else via phone call. Spoofing: disguising as a different ip address or different email sender. Sniffing/ drive by sniffing: searching for unprotected or wep wireless networks. Incorrectly sending wrong goods to customer or goods to wrong customer. Errors in hardware, software, program, data installation. Unauthorised program or update replaces legitimate/approved program. Flood web server with millions of requests for web pages. Water line breaks causing damage to hardware.