- •70 Protection of information unit 1 – computer crime
- •Vocabulary
- •Exercises
- •VI. Arrange the following in pairs of synonyms
- •VII. Grammar revision. Translate the sentences into Russian
- •VIII. Answer about the article
- •IX. Insert prepositions
- •X. Insert the proper words (see the words below)
- •XI. Say in one word (see the words below)
- •XII. Give English equivalents
- •Unit 2 – technical and legal protection of information
- •Vocabulary
- •Exercises
- •VI. Insert prepositions
- •VII. Insert the proper words (see the words below)
- •VIII. Say in one word (see the words below)
- •IX. Give English equivalents
- •Unit 3 – information security
- •Vocabulary
- •Exercises
- •V. Give the derivatives of the words, translate them
- •VI. Arrange the following in pairs of synonyms
- •VII. Answer about the article Information security
- •VIII. Insert prepositions
- •IX. Insert the proper words (see the words below)
- •X. Give English equivalents
- •XI. Tell your partner about information security Keys
- •Unit 4 – basic principles Key concepts
- •Confidentiality
- •Integrity
- •Availability
- •Vocabulary
- •Exercises
- •VII. Give Russian equivalents
- •VIII. Answer about the article
- •IX. Insert prepositions
- •X. Insert the proper words (see the words below)
- •XI. Say in one word (see the words below)
- •XII. Give English equivalents
- •XIII. Tell your partner about basic principles of information security
- •Vocabulary
- •Exercises
- •VIII. Insert prepositions
- •IX. Insert the proper words (see the words below)
- •X. Say in one word (see the words below)
- •XI. Give English equivalents
- •Unit 6 – information security management
- •Vocabulary
- •Exercises
- •VII. Give Russian equivalents
- •VIII. Answer about the article
- •IX. Insert prepositions
- •X. Insert the proper words (see the words below)
- •XI. Say in one word (see the words below)
- •XII. Give English equivalents
- •Unit 7 – controls
- •Administrative
- •Logical
- •Physical
- •Vocabulary
- •Exercises
- •V. Grammar revision. Translate the sentences into Russian
- •VI. Answer about controls
- •VII. Insert prepositions
- •VIII. Insert the proper words (see the words below)
- •IX. Say in one word (see the words below)
- •X. Give English equivalents
- •XI. Tell your partner about controls Keys
- •Unit 8 – security classification for information
- •Vocabulary
- •Exercises
- •V. Answer about the article
- •VI. Insert prepositions
- •VII. Insert the proper words (see the words below)
- •VIII. Say in one word (see the words below)
- •IX. Give English equivalents
- •Unit 9 – access control
- •Vocabulary
- •Exercises
- •VII. Insert prepositions
- •VIII. Insert the proper words (see the words below)
- •IX. Say in one word (see the words below)
- •X. Give English equivalents
- •Unit 10 – authorization
- •Vocabulary
- •Exercises
- •V. Arrange the following in pairs of synonyms
- •VI. Answer about the article
- •VII. Insert prepositions
- •VIII. Insert the proper words (see the words below)
- •IX. Say in one word (see the words below)
- •X. Give English equivalents
- •XI. Translate into English
- •Unit 11 – criptography
- •Defense in depth
- •Conclusion
- •Vocabulary
- •Exercises
- •V. Arrange the following in pairs of synonyms
- •VI. Answer about the article
- •VII. Insert prepositions
- •VIII. Insert the proper words (see the words below)
- •IX. Say in one word (see the words below)
- •X. Give English equivalents
- •Unit 12 – 10 immutable laws of security, laws 1, 2
- •Vocabulary
- •Exercises
- •I. Read and translate the information using the vocabulary
- •II. Translate the verbs, give the three forms
- •III. Give Russian equivalents
- •IV. Arrange the following in pairs of synonyms
- •V. Answer about the article
- •VI. Insert the proper words (see the words below)
- •VII. Say in one word (see the words below)
- •VIII. Give English equivalents
- •Unit 13 – laws 3, 4
- •Vocabulary
- •Exercises
- •VI. Answer about the article
- •VII. Insert prepositions
- •VIII. Insert the proper words (see the words below)
- •IX. Say in one word (see the words below)
- •X. Give English equivalents
- •Unit 14 – laws 5, 6
- •Vocabulary
- •Exercises
- •V. Arrange the following in pairs of synonyms
- •VI. Answer about the article
- •VII. Insert prepositions
- •VIII. Insert the proper words (see the words below)
- •IX. Say in one word (see the words below)
- •X. Give English equivalents
- •Unit 15 – laws 7, 8
- •Vocabulary
- •Exercises
- •V. Arrange the following in pairs of synonyms
- •VI. Answer about the article
- •VII. Insert prepositions
- •VIII. Insert the proper words (see the words below)
- •IX. Say in one word (see the words below)
- •Unit 16 – laws 9, 10
- •Vocabulary
- •Exercises
- •V. Arrange the following in pairs of synonyms
- •VI. Insert prepositions
- •VII. Insert the proper words (see the words below)
- •VIII. Say in one word (see the words below)
- •IX. Give English equivalents
- •Test 1 (units 1 – 8)
- •I. Укажите буквой соответствующий предлог
- •II. Укажите буквами пары синонимов
- •III. Укажите буквой понятия, близкие по значению
- •IV. Укажите буквой соответствующий английский эквивалент
- •V. Укажите буквой соответствующий перевод подчёркнутых слов
- •VI. Укажите буквой правильный перевод
- •VII. Укажите буквой правильный ответ на вопрос
- •VIII. Укажите номер соответствующего русского эквивалента
- •Test 2 (units 9 – 16)
- •I. Укажите буквой соответствующий предлог
- •II. Укажите буквами пары синонимов
- •III. Укажите буквой понятия, близкие по значению
- •IV. Укажите буквой соответствующий английский эквивалент
- •V. Укажите буквой соответствующий перевод подчёркнутых слов
- •VI. Укажите буквой правильный перевод
- •VII. Укажите буквой правильный ответ на вопрос
- •VIII. Укажите номер соответствующего русского эквивалента
- •Keys (test 1)
XI. Say in one word (see the words below)
state or condition of being complete
state of being kept secret
state of possibility of being used, being obtained
central or most important
quality of being useful
written statement that something has been received
make effective and strong
the state or quality of being permitted or required by law
breaking or neglect of a rule, duty, agreement, etc.
method or key to secret writing
availability
breach
cipher
confidentiality
core
enforce
integrity
legality
receipt
utility
XII. Give English equivalents
целостность и доступность, основные принципы, постоянные споры, ответственность и законность, было подчёркнуто, ключевое понятие, устройство для обеспечения безопасности, подлинность и полезность, предотвратить раскрытие, несанкционированное лицо, передать номер карты от покупателя к продавцу, усилить конфиденциальность, шифровать номер, во время перевода, файл системного журнала, резервная копия, ограничить доступ, нарушение конфиденциальности, появляться на экране компьютера, ноутбук, охранять частную жизнь, незаметно изменять, хранить и обрабатывать информацию, каналы связи, оставаться доступным, предотвращать нарушения, из-за отключения энергии, отказ работы аппаратуры, атака на компьютер для вызова отказа в работе
XIII. Tell your partner about basic principles of information security
Keys
Ex. VI
1 – m
2 – n
3 – c
4 – d
5 – l
6 – b
7 – f
8 – k
9 – j
10 – a
11 – i
12 – g
13 – h
14 – e
Ex. X
1 – e
2 – a
3 – g
4 – n
5 – m
6 – f
7 – d
8 – c
9 – k
10 – l
11 – h
12 – o
13 – i
14 – b
15 – j
Ex. XI
1 – g
2 – d
3 – a
4 – e
5 – j
6 – i
7 – f
8 – h
9 – b
10 – c
UNIT 5 – AUTHENTICITY, NON-REPUDIATION, RISK MANAGEMENT
Authenticity
In computing, e-Business and information security it is necessary to ensure that the data, transactions, communications or documents (electronic or physical) are genuine. It is also important for authenticity to validate that both parties involved are who they claim they are.
Non-repudiation
In law, non-repudiation implies one’s intention to fulfill their obligations to a contract. It also implies that one party of a transaction cannot deny having received a transaction nor can the other party deny having sent a transaction.
Electronic commerce uses technology such as digital signatures and encryption to establish authenticity and non-repudiation.
Risk management
A comprehensive treatment of the topic of risk management is beyond the scope of this article. However, a useful definition of risk management will be provided as well as some basic terminology and a commonly used process for risk management.
The CISA Review Manual 2006 provides the following definition of risk management: “Risk management is the process of identifying vulnerabilities and threats to the information resources used by an organization in achieving business objectives, and deciding what counter-measures, if any, to take in reducing risk to an acceptable level, based on the value of the information resource to the organization.”
There are two things in this definition that may need some clarification. First, the process of risk management is an ongoing interactive process. It must be repeated indefinitely. The business environment is constantly changing and new threats and vulnerability emerge every day. Second, the choice of countermeasure (computer)s (controls) used to manage risks must strike a balance between productivity, cost, effectiveness of the countermeasure, and the value of the informational asset being protected.
Risk is the likelihood that something bad will happen that causes harm to an informational asset (or the loss of the asset). Vulnerability is a weakness that could be used to endanger or cause harm to an informational asset. A threat is anything (man-made or act of nature) that has the potential to cause harm.
The likelihood that a threat will use a vulnerability to cause harm creates a risk. When a threat does use a vulnerability to inflict harm, it has an impact. In the context of information security, the impact is a loss of availability, integrity, and confidentiality, and possibly other losses (lost income, loss of life, loss of real property). It should be pointed out that it is not possible to identify all risks, nor is it possible to eliminate all risk. The remaining risk is called residual risk.
A risk assessment is carried out by a team of people who have knowledge of specific areas of the business. Membership of the team may vary over time as different parts of the business are assessed. The assessment may use a subjective qualitative analysis based on informed opinion, or where reliable dollar figures and historical information is available, the analysis may use quantitative analysis.