information security


Annex A.8.2 Information Classification

Annex A.8.2 Information Classification Its objective is To ensure that the information is properly secured, in accordance with its significance to the organization. A.8.2.1 Classification of Information Control- Information should be classification the basis of their legal provisions, criticality, and vulnerability to unwanted release or alteration Implementation Guidance- Classifications and associated information security measures will also include regulatory standards, which take into account market demands for information sharing or restriction. Assets other than information may …

Annex A.8.2 Information Classification Read More »


Overview of Cyber security Frameworks

Cybersecurity Framework provides a policy framework of computer security guidance for how private sector organizations can assess and improve their ability to prevent, detect, and respond to cyber attacks. Overview Overview of Cyber security Frameworks has been in limelight for over few years due to the continual cyber attacks that are happening. Well allow us to understand what Cyber-Security is normally and perceive what’s the most use of its implementation. Cyber security is nothing however a typical method, a bunch of technologies …

Overview of Cyber security Frameworks Read More »


What is Enumeration?

Enumeration is the process of extracting user names, machine names, network resources, shares, and services from a system or network. In the enumeration phase, the attacker creates active connections with system and performs directed queries to gain more information about the target. The attackers use the information collected by means of enumeration to identify the vulnerabilities or weak points in the system security, which helps them exploit the target system. It allows the attacker to …

What is Enumeration? Read More »


Information Security of Threat

Information Security of Threat and a vulnerability are not one and also the same. Security of Threat may be a person or event that has the potential for impacting a valuable resource in a very negative manner. A vulnerability is that quality of a resource or its environment that enables the threat to be complete. AN armed robber is AN example of a threat. A bank teller is AN example of a valuable resource which …

Information Security of Threat Read More »


Enterprise Information Security Architecture

Information Security Architecture Enterprise Information Security Architecture is a set of requirements, processes, principles, and models that determine the current And/or future structure and behavior of an organization’s security processes, information security systems, personnel, and organizational sub-units. It ensures that the security architecture and controls are in alignment with the organization’s core goals and strategic direction.Though Enterprise Information Security Architecture deals with information security, it relates more broadly to the security practice of business. Optimization. …

Enterprise Information Security Architecture Read More »


What is Defense in Depth? & How Defense in depth Works

Defense in depth may be a security strategy during which security professionals use many protection layers throughout associate information system. This strategy uses the military principle that it’s more difficult for associate enemy to defeat a fancy. Multi-layered defense system than to penetrate one barrier. Defense-in-depth helps to stop direct attacks against associate information system. It’s knowledge as a result of a possibility in one layer only leads the offender to successive layer. If a …

What is Defense in Depth? & How Defense in depth Works Read More »