Home> Schools> Oklahoma State University> Management Science and Information Systems (MSIS)> MSIS 4253> MSIS 4253, (SP18), Exam 1 Focus list (1)

O-K-State MSIS 4253 - MSIS 4253, (SP18), Exam 1 Focus list (1) (4 pages)

Previewing page 1 of 4 page document View the full content.

View Full Document

MSIS 4253, (SP18), Exam 1 Focus list (1)

Previewing page 1 of actual document.

View the full content.
View Full Document

View Full Document

MSIS 4253, (SP18), Exam 1 Focus list (1)

like 0 dislike 0 30 views

Pages:: 4
School:: Oklahoma State University
Course:: Msis 4253 - Sys Cert and Accred

Sign up for free to view:

This document and 3 million+ documents and flashcards
High quality study guides, lecture notes, practice exams
Course Packets handpicked by editors offering a comprehensive review of your courses
Better Grades Guaranteed

Unformatted text preview:

MSIS 4253 Exam 1 Focus List Spring 2018 1 System characterization items hardware software information sensitivity etc 2 Types of threats and vulnerabilities a Threats natural human made environmental b Vulnerabilities weakness in the system or the people that use it 3 Classes of security controls managerial operational technical a Managerial assessments planning acquisition program management b Operational training configuration contingency planning incident resonse maintenance physical protection c Technical access control audit and accountability identification and authentication system and communication protection 4 Common Controls a Security controls that are inheritable by one or more organizational information systems b Ex Contingency planning controls incident response controls security training and awareness controls personnel security controls physical and environmental protection controls intrusion detection controls 5 Hybrid or System specific controls a Security controls not designated as common controls b System specific controls are the primary responsibility of information system owners and their respective authorizing officials c Hybrid controls may also serve as templates for further control refinement 6 Relationships with external service providers a Services implemented outside of the authorization boundaries established by the organization for its information systems b Joint ventures business partnerships outsourcing arrangements licensing agreements supply chain exchanges 7 Scoping guidance Literally review the slide that covers scoping guidance NIST SP 80053 Chapter 3 8 Security Considerations there are many a Common control related considerations b Security objective related considerations c System component allocation related considerations d Technology related considerations e Physical infrastructure related considerations f Operations environmental related considerations g Scalability related considerations h Public access related

View Full Document