Today let’s discuss the 3 domains of information security. So what are the three domains and also what we will learn in these three?
Quick Introduction Of 3 Domains Of Information Security
The 3 domains of information security are the following:
- Security and Risk Management
- Asset Security
- Security Engineering
So what is information security means? It is preserving information and information systems.
So it helps to protect from the following:
- Unauthorized access
- Use
- Exposure
- Division
- Fixing
- Ruin
The terms of this following:
- Information security
- Computer security
- Information assurance
Is generally used to exchange.
So these fields connect and share ordinary purposes.
Like protecting confidentiality. Also the integrity and availability of knowledge.
But, some details are different between them. But these difference lies.
- The subject approach
- The methodologies used
- The areas of concentration
So we can say that the main focus of information security. Is to protect the data of the confidentiality, integrity, and availability
That is it. Let us proceed to the three-domain of information security.
Security And Risk Management
So security and risk management involve a general understanding.
Also, analysis and risk-mitigating techniques. To determine the team achieves their goal of learning security goals.
So the risk is a major basic in every viewpoint. It is just like information security decisions.
Also, risk management concepts are helping aid each decision. To make effective.
This is the list of the major part of security and risk management.
- Information security within the team
- The triad of information security – Confidentiality, Integrity, and Availability
- Security governance policies
- Business continuity requirements
- Threat modeling
- Policies, standards, procedure, and guidelines
- The idea of risk management
Asset Security
Asset security is focusing on how to controls the custody, labels. The ownership of data and also the data classification clearance.
Data remains is discussing and including recently material.
Also, remain to properties of solid-state drives are combine with ROM and RAM.
It has quite different remaining properties compared to a magnetic drive.
So the asset security binds up with a discussion of control determination. Also adding the scoping and tailoring.
This is the domain address of the material requirements. Cover of the following:
- The classification and ownership of information and assets
- Privacy
- Reservation periods
- Data security controls
- Handling requirements
Security Engineering
Security engineering is representing large and various technical domains.
This domain contains the following:
- Controls used to enforce various levels of confidentiality, availability, integrity
- Secure operating systems and Networks
- The following principles, structures, also concepts
- The implementation and standards used to design
- The application, equipment, and monitoring
So, information security planning and design. It covers the practice of applying a wide and accurate method.
It describes a modern or future structure and behavior for a company.
- Organization’s security processes
- Information security systems
- Personnel and organizational sub-units
So security engineering covers several important information security concepts.
- Engineering methods using secure form principles
- Basic ideas of security models
- Security skills of information systems
- Assessing and decreasing vulnerabilities in systems
- Cryptography
- Designing and achieving physical security
So that is the three-domain of information security. It is very helpful for our security in our daily lives.
So this domain is protecting our data of confidentiality, integrity, and availability. From the cyber crimes.