Wentz’s book, The Effective CISSP: Security and Risk Management, helps CISSP and CISM aspirants build a solid conceptual security model. It is a tutorial for information security and a supplement to the official study guides for the CISSP and CISM exams and an informative reference for security professionals.
Security refers to the process of and the state reached by protecting something from danger or threat.
Information security is a discipline of protecting information assets from threats through security controls to achieve the security objectives of confidentiality, integrity, and availability, support business processes, and create value to fulfill the organizational mission and vision.
資訊安全
- 安全是指保護某個東西免於受到危險或威脅的過程以及所達到的狀態。
- 資訊安全是一門透過安全管制措施,保護資訊資產免於受到危害,以實現機密性、完整性和可用性的安全目標、進而支持組織的業務流程,並創造價值以實現使命和願景的學問。
