2. Describe the relationship between an ‘email privacy policy’ and an ‘Internet use policy’.
An email privacy policy details the extent to which email messages may be read by others. An internet use policy contains the general principles to guide the proper use of the Internet.
An email privacy policy details the extent to which email messages may be read by others. An internet use policy contains the general principles to guide the proper use of the Internet.
3. Summarise the five steps to creating an information security plan
1. Develop information security policies2. Communicate these policies with staff
3. Identify the critical information, assets and risks
4. Test and re-evaluate the risks
5. Obtain the support of stakeholders4. What do the terms; authentication and authorization mean, how do they differ, provide some examples of each term.
Authentication is a method of confirming users identities whilst authorisation is the process of giving someone permission to do or have something. Authentication involves something the user knows, such as a password; has, such as a smart card; or is, such as fingerprint for biometrics. Once a system determines the authentication of a user, it can then determine the access privileges, for that user. Authorisation is the process of giving someone permission to do or have something.
5. What are the Five main types of Security Risks, suggest one method to prevent the severity of risk?
All information sourced from:
- Baltzan, P., Phillips, A., Lynch, K., & Blakey, P. (2010). Business Driven Information Systems. Sydney: McGraw-Hill Australia Pty Ltd
- Lecture Slides
- Lecture Slides
No comments:
Post a Comment