- •70 Protection of information unit 1 – computer crime
- •Vocabulary
- •Exercises
- •VI. Arrange the following in pairs of synonyms
- •VII. Grammar revision. Translate the sentences into Russian
- •VIII. Answer about the article
- •IX. Insert prepositions
- •X. Insert the proper words (see the words below)
- •XI. Say in one word (see the words below)
- •XII. Give English equivalents
- •Unit 2 – technical and legal protection of information
- •Vocabulary
- •Exercises
- •VI. Insert prepositions
- •VII. Insert the proper words (see the words below)
- •VIII. Say in one word (see the words below)
- •IX. Give English equivalents
- •Unit 3 – information security
- •Vocabulary
- •Exercises
- •V. Give the derivatives of the words, translate them
- •VI. Arrange the following in pairs of synonyms
- •VII. Answer about the article Information security
- •VIII. Insert prepositions
- •IX. Insert the proper words (see the words below)
- •X. Give English equivalents
- •XI. Tell your partner about information security Keys
- •Unit 4 – basic principles Key concepts
- •Confidentiality
- •Integrity
- •Availability
- •Vocabulary
- •Exercises
- •VII. Give Russian equivalents
- •VIII. Answer about the article
- •IX. Insert prepositions
- •X. Insert the proper words (see the words below)
- •XI. Say in one word (see the words below)
- •XII. Give English equivalents
- •XIII. Tell your partner about basic principles of information security
- •Vocabulary
- •Exercises
- •VIII. Insert prepositions
- •IX. Insert the proper words (see the words below)
- •X. Say in one word (see the words below)
- •XI. Give English equivalents
- •Unit 6 – information security management
- •Vocabulary
- •Exercises
- •VII. Give Russian equivalents
- •VIII. Answer about the article
- •IX. Insert prepositions
- •X. Insert the proper words (see the words below)
- •XI. Say in one word (see the words below)
- •XII. Give English equivalents
- •Unit 7 – controls
- •Administrative
- •Logical
- •Physical
- •Vocabulary
- •Exercises
- •V. Grammar revision. Translate the sentences into Russian
- •VI. Answer about controls
- •VII. Insert prepositions
- •VIII. Insert the proper words (see the words below)
- •IX. Say in one word (see the words below)
- •X. Give English equivalents
- •XI. Tell your partner about controls Keys
- •Unit 8 – security classification for information
- •Vocabulary
- •Exercises
- •V. Answer about the article
- •VI. Insert prepositions
- •VII. Insert the proper words (see the words below)
- •VIII. Say in one word (see the words below)
- •IX. Give English equivalents
- •Unit 9 – access control
- •Vocabulary
- •Exercises
- •VII. Insert prepositions
- •VIII. Insert the proper words (see the words below)
- •IX. Say in one word (see the words below)
- •X. Give English equivalents
- •Unit 10 – authorization
- •Vocabulary
- •Exercises
- •V. Arrange the following in pairs of synonyms
- •VI. Answer about the article
- •VII. Insert prepositions
- •VIII. Insert the proper words (see the words below)
- •IX. Say in one word (see the words below)
- •X. Give English equivalents
- •XI. Translate into English
- •Unit 11 – criptography
- •Defense in depth
- •Conclusion
- •Vocabulary
- •Exercises
- •V. Arrange the following in pairs of synonyms
- •VI. Answer about the article
- •VII. Insert prepositions
- •VIII. Insert the proper words (see the words below)
- •IX. Say in one word (see the words below)
- •X. Give English equivalents
- •Unit 12 – 10 immutable laws of security, laws 1, 2
- •Vocabulary
- •Exercises
- •I. Read and translate the information using the vocabulary
- •II. Translate the verbs, give the three forms
- •III. Give Russian equivalents
- •IV. Arrange the following in pairs of synonyms
- •V. Answer about the article
- •VI. Insert the proper words (see the words below)
- •VII. Say in one word (see the words below)
- •VIII. Give English equivalents
- •Unit 13 – laws 3, 4
- •Vocabulary
- •Exercises
- •VI. Answer about the article
- •VII. Insert prepositions
- •VIII. Insert the proper words (see the words below)
- •IX. Say in one word (see the words below)
- •X. Give English equivalents
- •Unit 14 – laws 5, 6
- •Vocabulary
- •Exercises
- •V. Arrange the following in pairs of synonyms
- •VI. Answer about the article
- •VII. Insert prepositions
- •VIII. Insert the proper words (see the words below)
- •IX. Say in one word (see the words below)
- •X. Give English equivalents
- •Unit 15 – laws 7, 8
- •Vocabulary
- •Exercises
- •V. Arrange the following in pairs of synonyms
- •VI. Answer about the article
- •VII. Insert prepositions
- •VIII. Insert the proper words (see the words below)
- •IX. Say in one word (see the words below)
- •Unit 16 – laws 9, 10
- •Vocabulary
- •Exercises
- •V. Arrange the following in pairs of synonyms
- •VI. Insert prepositions
- •VII. Insert the proper words (see the words below)
- •VIII. Say in one word (see the words below)
- •IX. Give English equivalents
- •Test 1 (units 1 – 8)
- •I. Укажите буквой соответствующий предлог
- •II. Укажите буквами пары синонимов
- •III. Укажите буквой понятия, близкие по значению
- •IV. Укажите буквой соответствующий английский эквивалент
- •V. Укажите буквой соответствующий перевод подчёркнутых слов
- •VI. Укажите буквой правильный перевод
- •VII. Укажите буквой правильный ответ на вопрос
- •VIII. Укажите номер соответствующего русского эквивалента
- •Test 2 (units 9 – 16)
- •I. Укажите буквой соответствующий предлог
- •II. Укажите буквами пары синонимов
- •III. Укажите буквой понятия, близкие по значению
- •IV. Укажите буквой соответствующий английский эквивалент
- •V. Укажите буквой соответствующий перевод подчёркнутых слов
- •VI. Укажите буквой правильный перевод
- •VII. Укажите буквой правильный ответ на вопрос
- •VIII. Укажите номер соответствующего русского эквивалента
- •Keys (test 1)
XI. Give English equivalents
необходимо гарантировать, подлинные данные, удостовериться, обе стороны, подлинность и неотказуемость, подразумевает намерения, выполнять обязательства, не может отрицать отправление информации, цифровые подписи и шифрование, установить подлинность, всестороннее рассмотрение, управление рисками, определение слабых мест, угроза информационным ресурсам, контрмеры, если таковые имеются, уменьшить риск до допустимого уровня, постоянно продолжающийся процесс, деловая среда, появляются каждый день, ценность информационного актива, нанести вред, подвергать опасности, иметь влияние, утраченный доход, потеря имущества, устранить все риски, остаточный риск, оценка риска осуществляется, качественный и количественный анализ
Keys
Ex. IX
1 – e
2 – n
3 – j
4 – m
5 – c
6 – k
7 – b
8 – d
9 – i
10 – g
11 – h
12 – f
13 – l
14 – a
Ex. X
1 – d
2 – f
3 – i
4 – l
5 – g
6 – b
7 – h
8 – e
9 – j
10 – c
11 – a
12 – k
Unit 6 – information security management
The research has shown that the most vulnerable point in most information systems is the human user, operator, designer, or other human. The ISO/IEC 27002:2005 Code of practice for information security management recommends the following be examined during a risk assessment:
security policy,
organization of information security,
asset management,
human resources security,
physical and environmental security,
communications and operations management,
access control,
information systems acquisition, development and maintenance,
information security incident management,
business continuity management, and
regulatory compliance.
In broad terms the risk management process consists of:
Identification of assets and estimating their value. Include: people, buildings, hardware, software, data (electronic, print, others), supplies.
Conduct a threat assessment. Include: Acts of nature, acts of war, accidents, malicious acts originating from inside or outside the organization.
Conduct a vulnerability assessment, and for each vulnerability calculate the probability that, it will be exploited. Evaluate policies, procedures, standards, training, physical security, quality control, technical security.
Calculate the impact that each threat would have on each asset. Use qualitative analysis or quantitative analysis.
Identify, select and implement appropriate controls. Provide a proportional response. Consider productivity, cost effectiveness, and value of the asset.
Evaluate the effectiveness of the control measures. Ensure that controls provide the required cost effective protection without discernible loss of productivity.
For any given risk, Executive Management can choose to accept the risk based upon the relative low value of the asset, the relative low frequency of occurrence, and the relative low impact on the business. Or, leadership may choose to mitigate the risk by selecting and implementing appropriate control measures to reduce the risk. In some cases, the risk can be transferred to another business by buying insurance or out-sourcing to another business. The reality of some risks may be disputed. In such cases leadership may choose to deny the risk. This is itself a potential risk.