Information Assurance Security

1. What is an Information Security Assurance?
   Information assurance, which focuses on ensuring the availability, integrity, authentication, confidentiality, and non-repudiation of information and systems. These measures may include providing for restoration of information systems by incorporating protection, detection, and reaction capabilities.

Information security, which centers on the protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability.

1. Components Information Security Assurance?
   *Availability.
   *Integrity
   *Authentication
   *Confidentiality
   *Non-repudiation
   *Implementing the five pillars of Information Assurance

2. Differentiate the certification programs to Common body language?
   *Understand h0w your personal style influences your body language
   *Interpret common gestures
   *Understand power poses
   *Understand the differences in the body language across cultures
   *Understand the nuances of handshakes and touch

3. Differentiate the Governance and Risk management?
   Governance, or corporate governance, is the overall system of rules, practices, and standards that the guide a business.
   Risk, or enterprise risk management, is the process of identifying potential hazards to the business and acting to reduce or eliminate their financial impact.

4. Different between Security Architecture to Design?
   However, these two terms are a bit different.
   Security architecture is the set of resources and components of security system that allow it to function. Security design refers to the techniques and methods that position those hardware and software elements to facilitate security.

5. Different between Business Continuity Planning to D-i-s-a-s-t-e-r Recovery Planning?
   A business continuity plan (BCP) is a document that outlines how a business will continue operating during an unplanned disruption in service. It’s more comprehensive than a disaster recovery plan and contains contingencies for business processes, assets, human resources and business partners – every aspect of the business that might be affected.
   Plans typically contain a checklist that includes supplies and equipment, data backups and backup site locations. Plans can also identify plan administrators and include contact information for emergency responders, key personnel and backup site providers. Plans may provide detailed strategies on how business operations can be maintained for both short-term and long-term outages.

A key component of a business continuity plan (BCP) is a disaster recovery plan that contains strategies for handling IT disruptions to networks, servers, personal computers and mobile devices. The plan should cover how to reestablish office productivity and enterprise software so that key business needs can be met. Manual workarounds should be outlined in the plan, so operations can continue until computer systems can be restored.

There are three primary aspects to a business continuity plan for key applications and processes:

High availability: Provide for the capability and processes so that a business has access to applications regardless of local failures. These failures might be in the business processes, in the physical facilities or in the IT hardware or software.
Continuous operations: Safeguard the ability to keep things running during a disruption, as well as during planned outages such as scheduled backups or planned maintenance.
Disaster recovery: Establish a way to recover a data center at a different site if a disaster destroys the primary site or otherwise renders it inoperable

1. What is Physical Security Control?
   Physical security's main objective is to protect the assets and facilities of the organization. So the foremost responsibility of physical security is to safeguard employees since they are an important asset to the company. Their safety is the first priority followed by securing the facilities.
   Physical control is the implementation of security measures in a defined structure used to deter or prevent unauthorized access to sensitive material. Examples of physical controls are: Closed-circuit surveillance cameras. Motion or thermal alarm systems. Security guards

1. What is Operations Security?
   Operations security is a security and risk management process that prevents sensitive information from getting into the wrong hands and it is both a process and a strategy, and it encourages IT and security managers to view their operations and systems from the perspective of a potential attacker.

1. What is Law?
   the system of rules which a particular country or community recognizes as regulating the actions of its members and which it may enforce by the imposition of penalties.

1. What is Investigation?
   An investigation is a systematic, minute, and thorough attempt to learn the facts about something complex or hidden; it is often formal and official: an investigation of a bank failure. Investigation, examination, inquiry, research express the idea of an active effort to find out something

2. What is Ethics?
   Ethics or moral philosophy is a branch of philosophy that "involves systematizing, defending, and recommending concepts of right and wrong behavior". The field of ethics, along with aesthetics, concerns matters of value; these fields comprise the branch of philosophy called axiology

3. What is Information Security?
   Information security is the practice of protecting information by mitigating information risks. It is part of information risk management.
   It refers to the processes and methodologies which are designed and implemented to protect print, electronic, or any other form of confidential, private and sensitive information or data from unauthorized access, use, misuse, disclosure, destruction, modification, or disruption