01_introduction

Information Security
Information Security, Tertiary Education

This lesson contains 20 slides, with interactive quizzes and text slides.

Lesson duration: 120 min

Items in this lesson

Information Security

Slide 1 - Mind map


What does cybersecurity primarily focus on?
A. Protecting networks and systems
B. User education and awareness
C. Data storage management
D. Maintaining physical security measures

Slide 2 - Quiz


Which is a key aspect of information security?
A. Network performance optimisation
B. Data confidentiality and integrity
C. Software development practices
D. User interface design

Slide 3 - Quiz


Cybersecurity is mainly concerned with which threat?
A. Employee misconduct
B. Natural disasters
C. Cyber attacks and breaches
D. Supply chain management

Slide 4 - Quiz


Information security ensures the protection of what?
A. Software applications
B. Physical office space
C. Employee productivity
D. Sensitive data and information

Slide 5 - Quiz


Cybersecurity vs Information Security
Information security covers information in all formats; cybersecurity focuses on digital.

Slide 6 - Slide


CIA Triad
Confidentiality: Encryption, access control, social engineering awareness.
Integrity: Hashing, digital signatures, data validation.
Availability: Redundancy, fault tolerance, backup strategies.

Slide 7 - Slide


Security Controls and Best Practices
Types: Administrative, Technical, Physical.

Control Types: Preventive, Detective, Corrective, Deterrent, Compensating.
Principles: Least privilege, separation of duties, defense-in-depth.

Slide 8 - Slide


What is a Security Framework?
A structured set of guidelines, standards, and best practices that organizations use to:

Identify and manage security risks.
Protect critical information assets.
Ensure compliance with regulations.
Establish a strong security posture.

Slide 9 - Slide


Why use a security framework?

Slide 10 - Open question


Why use a Security Framework?
Provide consistent practices across systems and teams.
Ensure regulatory and industry compliance.
Support risk-based decision-making.
Promote continuous security improvement.

Slide 11 - Slide


Security Frameworks Overview
ISO/IEC 27001
NIST SP 800-53
COBIT
PCI-DSS
CIS Top 20

Slide 12 - Slide

Discuss how frameworks support governance and compliance.
What do you understand about the ISO/IEC 27001 security framework?

Slide 13 - Open question


NIST SP 800-53

U.S.-based framework by the National Institute of Standards and Technology.
Provides a catalog of security and privacy controls.
Used heavily in government and federal systems.
Structured around the Risk Management Framework (RMF).

Slide 14 - Slide


PCI-DSS (Payment Card Industry Data Security Standard)
Created by major credit card companies (Visa, MasterCard, etc.).
Applies to organizations handling cardholder data.
Focus areas:
Secure network and systems.
Protect cardholder data.
Vulnerability management.
Access control and monitoring.

Slide 15 - Slide


COBIT (Control Objectives for Information and Related Technology)
Developed by ISACA.
Focuses on IT governance and management.
Aligns IT goals with business objectives.
Includes 4 domains: Plan, Build, Deliver, Monitor.

Slide 16 - Slide


Slide 17 - Slide


Risk Management Concepts
Define risk, threat, vulnerability, impact.
Introduce the risk formula:
Qualitative: Risk = Threat × Vulnerability.
Discuss exposure, countermeasures, and residual risk.

Slide 18 - Slide


Risk Assessment and Mitigation Process
Steps in risk assessment:
1. Identify assets.
2. Identify threats and vulnerabilities.
3. Analyze risk.
4. Evaluate and prioritize.



Risk Responses: Accept, avoid, transfer, mitigate.

Slide 19 - Slide


Information Security Governance and Leadership
Role of policies, leadership, and culture.

SOC (Security Operations Center) and incident response.

Cyber resilience planning and communication.

Slide 20 - Slide
