Assignment:

1. What is an Information Security Assurance?

-The Role Information assurance and security is to Protect your information data. and it have a
two fields Information assurance, which focuses on ensuring the availability, integrity,
authentication, confidentiality, and information and systems.

2. Components Information Security Assurance?

What is the definition of information assurance? In a nutshell, information assurance refers to the
safeguarding of data and the manner in which it is processed, used, transferred, and kept.

1.) Availability

The way people are provided access to sensitive information within your company's infrastructure is
referred to as availability.

2.) Integrity

As an information assurance principle, integrity means that your sensitive data is not interfered with in
any way.

Antivirus software, penetration tests, and other security measures are frequently used to ensure that
hackers do not undermine the integrity of your data.

3.) Confidentiality

Confidentiality is perhaps the most crucial principle of information assurance. Only users who require
access to sensitive data should be allowed to view, store, modify in approved ways, or transmit it. Privy
information should not be easily accessible, as this makes it too easy for hackers to obtain.

4. Authentication

Authentication necessitates the implementation of rules to ensure that users are who they say they are.
Before accessing any personal material, users must give proof of their identity.

Passwords, scannable cards, and multifactor authentication are examples of common and simple
authentication techniques.

3.)Differentiate the certification programs to Common body language?

Eye contact, gestures, and facial expressions make up the majority of our nonverbal
communication; they can send significant messages.However, there are significant cultural
variances in how people communicate through body language. It can be quite visible, or it can
be very subtle.
4. Differentiate the Governance and Risk management?

The whole set of rules, policies, and standards that guide a firm is known as governance, or corporate
governance. Risk management, often known as enterprise risk management, is the process of
recognizing potential company risks and taking steps to mitigate or eliminate their financial impact.

5. Different between Security Architecture to Design?

We need to look at the relationship between the two terms. Specifically, the difference between
architecture, and design.

architecture, on the other hand, is utilized to decide the generally shape a set of arrangements must
take. It’s comparable to “Strategy”, the investigation and arranging of a arrangement of engagements
and fights to win a war, in that it takes into consideration cost-benefit examinations, future
development, and tries to figure how a certain set of trade needs can be solved while posing the
organization within the most advantageous way conceivable to require advantage of future alter.

In the context of security, Security design looks at all the components of a framework, and the potential
dangers to that framework, and decides the set of issues to be fathomed to diminish those dangers
within the most effective and coordinates mold. It doesn’t make sense, for occurrence, to decide that
examining is essential, so an examining arrangement is secured and spun up, as it were to discover the
output is unusable within the system’s ticketing arrangement.

7. What is Physical Security Control?

Securing premises and devices from physical attacks can be just as challenging as defending against
cyber threats. Automation and AI are increasingly used to shore up defenses.

Physical security is the protection of people, property, and physical assets from actions and events that
could cause damage or loss. Though often overlooked in favor of cybersecurity, physical security is
equally important.

8. What is Operations Security?

Operational security is a process that organizations deploy to prevent sensitive information from getting
into the wrong hands. Identifies actions that may seem innocuous but could inadvertently result in
critical or sensitive data being revealed or leaked to a potential attacker.

9. What is Law?

Law is a set of rules decided by a particular place or authority meant for the purpose of keeping the
peace and security of society.
Courts or police may enforce this system of rules and punish people who break the laws, such as by
paying a fine, or other penalty including jail. In ancient societies, laws were written by leaders, to set out
rules on how people can live, work and do business with each other. But many times in history when
laws have been on a false basis to benefit few at the expense of society, they have resulted in conflict.

10. What is Investigation?

The reason of an Investigation is to set up significant truths to demonstrate or discredit affirmations of

fraud and debasement. It may be a legitimately built up fact-finding process conducted in an fair-minded
and objective way, with the point to set up the significant realities and make suggestions in this
association.

11. What is Ethics?

Ethics is based on well-founded standards of right and wrong that prescribe what humans ought to do,
usually in terms of rights, obligations, benefits to society, fairness, or specific virtues.

At its simplest, ethics is a system of moral principles. They affect how people make decisions and lead
their lives. Ethics is concerned with what is good for individuals and society and is also described as
moral philosophy

12. What is Information Security?

The term information security implies securing data and data frameworks from unauthorized get to,
utilize, divulgence, disturbance, adjustment, or pulverization in arrange to supply astuteness, secrecy,
and accessibility.