- •Information Security
- •The Importance of Information Security
- •Vocabulary
- •Information, Information Security and Information Security Management
- •Positive and negative
- •Question
- •Unit 2 The Main Principles of Information Security
- •1. Read the text below and fill in the gaps in the following sentences.
- •Confidentiality, Integrity and Availability
- •2. Say if the following statements are True or False.
- •1. Read the text below and fill in the gaps in the following sentences.
- •The Notion of Information Security Management
- •2. Say if the following statements are True or False.
- •5. Find the words in the text which have the similar meaning to the words below.
- •6. Read the text below and choose the best option for each gap. Planning an Information Security Management System
- •Unit 4 Risks in Information Security
- •Read the text below and fill in the gaps in the following sentences.
- •Risk Assessment and Asset Identification
- •2. Say if the following statements are True or False.
- •Vocabulary
- •3. Find English equivalents of the following phrases in the text.
- •5. Find the words in the text which have the similar meaning to the words below.
- •6. Read the text below and choose the best option for each gap.
- •Information Assets
- •Identification and Authentication of Users
- •1. Read the text below and fill in the gaps in the following sentences.
- •Concept of Identification and Authentication
- •2. Say if the following statements are True or False.
- •Vocabulary
- •3. Find English equivalents of the following phrases in the text.
- •5. Find the words in the text which have the similar meaning to the words below.
- •6. Read the text below and choose the best option for each gap. Problems and Solutions
- •Unit 6 Network Security
- •1. Read the text below and fill in the gaps in the following sentences.
- •Processing of Data
- •2. Say if the following statements are True or False.
- •Vocabulary
- •3. Find English equivalents of the following phrases in the text.
- •5. Find the words in the text which have the similar meaning to the words below.
- •6. Read the text below and choose the best option for each gap.
- •Internet Security
- •Unit 7 Access Control
- •1. Read the text below and fill in the gaps in the following sentences.
- •Concept and Components of Access Control
- •2. Say if the following statements are True or False.
- •Vocabulary
- •3. Find English equivalents of the following phrases in the text.
- •5. Find the words in the text which have the similar meaning to the words below.
- •6. Read the text below and choose the best option for each gap. Access Control Models
- •Unit 8 Logging
- •1. Read the text below and fill in the gaps in the following sentences.
- •The Main Concepts of Logging
- •2. Say if the following statements are True or False.
- •Vocabulary
- •3. Find English equivalents of the following phrases in the text.
- •5. Find the words in the text which have the similar meaning to the words below.
- •6. Read the text below and choose the best option for each gap. Logging Best Practices
- •Unit 9 Firewalls
- •1. Read the text below and fill in the gaps in the following sentences.
- •Application of Firewalls
- •2. Say if the following statements are True or False.
- •Vocabulary
- •3. Find English equivalents of the following phrases in the text.
- •5. Find the words in the text which have the similar meaning to the words below.
- •6. Read the text below and choose the best option for each gap. Different Types of Firewalls
- •8. Find more information about different types of firewalls and complete a table of their advantages and disadvantages.
- •Unit 10 Network Architecture
- •1. Read the text below and fill in the gaps in the following sentences.
- •Osi and tcp/ip Network Models
- •2. Say if the following statements are True or False.
- •Vocabulary
- •3. Find English equivalents of the following phrases in the text.
- •5. Find the words in the text which have the similar meaning to the words below.
- •6. Read the text below and choose the best option for each gap. Secure Tunnel Information
Positive and negative
I / we / you / they |
’ve (have), haven’t |
lived abroad |
He / she/ it |
’s (has), hasn’t |
Question
Have |
I / we / you / they |
been to the US? |
Has |
He / she/ it |
Make sentences in the Present Perfect
1. You / do / homework?
2. You / make / decision / yet?
3. How long / know / Jamie?
4. She / be / Sweden / twice
5. Their plane / just / land
6. Where / you/ be?
7. What / you / do / your hair?
8. Surf the internet and find additional information about the usage of information security.
Unit 2 The Main Principles of Information Security
Warm Up
1. What are the main attributes of Information Security?
2. When do we use the term availability?
3. What information is considered to be secret?
Reading
1. Read the text below and fill in the gaps in the following sentences.
1) The classification of the information should …………………. and hence the appropriate safeguards.
2) Integrity loss happens when information ……………. without the modification being authorized.
3) Physical confidential loss can happen through…………………………..
Confidentiality, Integrity and Availability
A key aspect of Information Security is to preserve the confidentiality, integrity and availability of an organization’s information. It is only with this information that it can engage in commercial activities. Loss of one or more of these attributes, can threaten the continued existence of even the largest corporate entities.
Confidentiality: assurance that information is shared only among authorized persons or organizations. Breaches of Confidentiality can occur when data is not handled in a manner adequate to safeguard the confidentiality of the information concerned. Such disclosure can take place by word of mouth, by printing, copying, e-mailing or creating documents and other data etc. The classification of the information should determine confidentiality and hence the appropriate safeguards.
Confidentiality loss happens when information can be viewed (read) by individuals who shouldn’t access it. Loss of confidentiality can happen physically or electronically. Electronic confidentiality loss can happen when the clients and servers aren’t encrypting their communications. This allows malicious entities to view private communications. Physical confidential loss can happen through social engineering or through theft. This typically means having laptops stolen.
Integrity: assurance that the information is authentic and complete. The term Integrity is used frequently when considering Information Security as it is represents one of the primary indicators of security (or lack of it). The integrity of data is not only whether the data is 'correct', but whether it can be trusted and relied upon. For example, making copies (say by e-mailing a file) of a sensitive document, threatens both confidentiality and the integrity of the information.
Integrity loss happens when information is modified without the modification being authorized. This doesn’t mean that an unauthorized party has to cause the integrity loss to happen. An example would be a system administrator deleting an account record they weren’t authorized to delete. Integrity loss can happen either accidentally or through malicious intent. Malicious integrity loss can happen when a user purposely adds, deletes, or modifies database records. This can occur either through an authorized party (someone who has the access to actually modify the record) or by an unauthorized party when the user has access that they shouldn’t have. Accidental integrity loss happens when a system modifies or deletes records that it shouldn’t. This can happen when a virus infects a system or when a user does something that he didn’t intend to do. This is often why systems will verify that you want a file deleted, before it actually does so.
Availability: ensuring that authorized users have access to information and associated assets when required. This can be accomplished utilizing data backup plans, disaster recovery plans, and business continuity/recovery plans.
Availability is the simple idea that when a user or system attempts to access something, it is available to be accessed. This is extremely important for mission critical systems. Availability for these systems is so critical that most companies have business continuity plans (BCP’s) in order for their systems to have redundancy. Just like confidentiality and integrity loss, availability loss can happen by accident, a car crashing into a fiber pole disabling access to a system, or through malicious intent, such as a Denial-of-Service attack.