CEH v10 Ethical Hacking Concepts and scope
Ethical hacking and penetration testing are common terms that have been popular in the information security environment for a long time. The increase in cybercrime and hacking over the last decade has created a great challenge for security experts, analysts, and regulations. It is a popular war between hackers and security professionals.
The fundamental challenge for these security experts is finding weaknesses and deficiencies in running and upcoming systems, applications, and software, and addressing them proactively. It is less costly to investigate proactively before an attack than to investigate after falling victim to an attack, or while dealing with one. For prevention and protection, organizations have their own internal penetration testing teams and also contract outside professional experts when and if they are needed, depending on the severity and scope of the attack.
CEH v10 Information Security Controls
Information Assurance, known in short as IA, depends upon the components of integrity, availability, confidentiality, and authenticity. Combined, these components ensure that information and information systems are assured and protected during processing, usage, storage, and communication. These components are defined earlier in this chapter.
Elements Of Information Security
- Confidentiality
- Integrity
- Availability
- Authenticity
- Non-Repudiation
Apart from these components, some methods and processes also help in the achievement of information assurance, such as:
- Policies and processes.
- Network authentication.
- User authentication.
- Network vulnerabilities.
- Identifying problems and resources.
- Implementation of a plan for identified requirements.
- Application of information assurance control.
Information Security Management Program
Information Security Management Programs are programs specially designed to focus on reducing risk and vulnerabilities in the information security environment, and to train the organization and its users to work in a less vulnerable state. Information security management is a combined management solution to achieve the required level of information security using well-defined security policies, processes of classification, reporting, and management, and standards.
I hope you liked this post. If you did, you should not forget to share it.
Thank you so much :-)