Summary (Information Security Management ) Essay

Summary (Information Security Management ) - Essay ExampleTo address those risks that are say to be unacceptable ISO/IEC 27001 suggests modeling and application of rational and comprehensive suite of information security controls. Comparatively, NSIT lays turn out on security management by identifying 17 controls organized into three categories The Management Control function addresses security topics that can be characterized as managerial. The Operational Control plane section addresses security controls focusing on steps that are, broadly speaking, implemented and executed by people (as opposed to systems). The Technical Control section implicates on security controls that the computer system executes. Main advantage of NSIT document is network-based IDSs, which are usually dormant devices that do not interfere with the normal operation of a network, are very secure against beset and even made invisible to many attackers. A major weakness here is, Network-based IDSs whitetho rn pass on difficulty processing all packets in a large or busy network therefore, may fail to recognize an attack launched during periods of high traffic. The scope of NSIT is limited as it lacks, especially in the subject area of time defined as heavy traffic.