This chapter covers the following topics:
Security Terms: Concepts discussed include confidentiality, integrity, and availability (CIA); auditing and accounting; non-repudiation; default security posture; defense in depth; abstraction; data hiding; and encryption.
Security Governance Principles: Concepts discussed include security function alignment, organizational processes, organizational roles and responsibilities, security control frameworks, and due care and due diligence.
Compliance: Concepts discussed include contractual, legal, industry standards, and regulatory compliance, as well as privacy requirements compliance.
Legal and Regulatory Issues: Concepts discussed include computer crime concepts, major ...