Scribd Logo
Upload

Welcome to Scribd!

  • Activity Template

    Uploaded by

    munoz.136577090096
    5 views3 pages

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    5 views3 pages

    Activity Template

    Uploaded by

    munoz.136577090096

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 3

    UNIVERSITY OF THE EAST

    Manila
    COLLEGE OF COMPUTER STUDIES AND SYSTEMS

    CIA 1101: Information Assurance and Security 1

    Name: Activity Number:


    Section: Activity Name:

    Answer the following questions to test your understanding of the content covered in this topic.

    Discuss the properties of a secure information processing system.

    A secure information processing system is made to protect information and guarantee its
    availability, confidentiality, and integrity. A secure information processing system's attributes
    cover a wide range of topics, such as technology, rules, and guidelines.

    1. Confidentiality:
     Encryption: Using encryption methods to safeguard private information while it's being
    processed, transferred, and stored.
     Access control is the process of putting in place procedures and guidelines to guarantee
    that only systems or people with permission may access particular data.
    2. Integrity:
     Data Integrity Controls: Detecting and stopping illegal modifications to data using
    techniques like hash functions and checksums.
     Version control is the process of keeping track of data versions in order to maintain
    information integrity across time.
    3. Availability:
     Redundancy: Putting in place backup systems and redundant systems to guarantee that
    important data is available in the event of a hardware malfunction, a natural disaster, or
    other disturbances.
     Distributed Systems: Distributed architecture is used to improve fault tolerance and
    availability.

    In the context of information security, what factors determine the value of an asset?
    An asset's worth in information security is based on a number of factors that also influence how
    important and significant it is to an organization. These elements support companies in
    efficiently allocating resources and prioritizing security activities. An asset's value is primarily
    determined by the following factors:

    1.Confidentiality:
    • Sensitive Information: The asset's degree of secrecy, particularly if it contains classified
    or sensitive data.
    2.Integrity:
    • Critical Data: The significance of preserving the asset's correctness and dependability,
    especially if it contains important data that shouldn't be tampered with or changed.
    3. Availability:
    •Company Continuity: The way losing an asset will affect how the business operates.
    High-value assets are frequently essential to the ongoing functioning of businesses.
    4.Utility and Efficiency:
    • Critical Functions: The extent to which the asset supports the main tasks and operations
    of the company.
    5.Reputation:
    • Brand Image: If the asset has been compromised, there might be a negative effect on
    the company's image and a decline in consumer confidence.
    6. Regulatory Compliance:
     Legal and Regulation Requirements: How crucial the asset is to fulfilling legal and
    regulation requirements. There might be fines and legal consequences for
    noncompliance.
    7.Financial Impact:
     Monetary Value: The asset's total value, which takes into account the cost of
    replacement, market value, and possible loss in the event of a compromise.

    8.Reliances:
     Systems that are Interconnected: The degree to which an asset is dependent upon
    other systems or activities. There is a chance that important dependencies in the
    infrastructure of the company exist for high-value assets.

    9.The importance of operations:


    • Mission-Critical: The asset's contribution to operations and services that are essential to
    the mission. strategic significance Strategic objectives: How closely the asset fits the
    aims and goals of the organization's strategic planning.

    10.Stage of Lifecycle:
    • Development and Production: The lifespan stage of the asset, with assets in crucial
    development or production phases often having a greater value.

    11. Ownership:
    • Ownership and Responsibility: The degree of accountability and ownership attributed to
    the asset, which may affect how much is thought to be worth it.

    12.Threat and Vulnerability Landscape:


    • Potential Risks: The possibility that a particular attack would target the asset and its
    vulnerability to security flaws.

    13.Historical or Cultural Value:


    • Cultural Significance: An asset's total importance may be influenced by its historical or
    cultural significance.

    Organizations are able to value their assets appropriately and carry out a thorough risk
    assessment by taking these aspects into account. This can help in creating a risk management
    plan that prioritizes safeguarding the information infrastructure's most important and valuable
    elements.

    If a security control is described as administrative and compensating, what can you


    determine about its nature and function?

    https://www.lbmc.com/blog/three-tenets-of-information-security/#:~:text=The%20fundamental
    %20principles%20(tenets)%20of,are%20called%20the%20CIA%20Triad.

    You might also like