Skip to content

Dated: 02-11-2024

Ch01. what is the Role of People, Process and Technology in Information Security

  • People, process, and technology are together referred to as the Information Security Triad
  • All three aspects help to form a holistic view of Information Security
  • All three are important and cannot be overlooked in an Information Security program or activity

People

  • People must be trained to effectively & correctly follow policies, information security processes, and implement technology

Process

Processes are fundamental to effective information security.

  • User access management
  • Backups
  • Incident management
  • Change management
  • Vulnerability management
  • Risk management

Technology

Technology plays a central role in the Information Security program

  • Firewalls
  • Antivirus
  • Email anti-spam filtering solution
  • Web filtering solution
  • Data loss prevention (DLP) solution

Pasted image 20241102140857.png

Post assessments
Social engineering and which of the following are aspects that people must be trained to handle appropriately
  • Phishing
  • Process
  • People
  • Assessment
which of the following must be trained to effectively & correctly follow policies, information security processes, and implement technology
  • Process
  • Data
  • Information
  • People
In the context of information security program, DLP stands for
  • Dual loss prevention
  • Distributed loss prevention
  • Digital loss prevention
  • Data loss prevention