Live Course on Drafting of Appeal and Reply of Penalty Notice by CA Sachin Sinha. Register Now!!

Isca private coaching (mumbai only)

swapnil (C A final ) (121 Points)

11 December 2014

Hello Friends,

My name is Swapnil & I am a CA Finalist & I have done Certified Ethical Hacker(CEH) & Computer Hacking Forensic Investigation(CHFI)

I can teach IT/SM for PCC as well as ISCA for CA-final.

Teaching Methodology:

Strictly from Module Provided by the Institute.

Coverage of full Concepts along with practical examples & Live demonstrations. (if time permits)

Classes will be conducted as per the schedule which student feel comfortable.

Students will be taught only Concepts with correlation with day to day activities & no mugging up excercise.

Fees: Contact me: 7208531530

Note: Demonstations will be only for education purpose & not for misusing.

Reply
Follow
Share

2 Replies

swapnil (C A final ) (121 Points)
Replied 11 December 2014

You can also PM me any query regarding IT/SM & ISCA.

swapnil (C A final ) (121 Points)
Replied 12 December 2014

Hello friends

I'll just try to explain few teminology from Chapter 1 ISCA, in layman language

Definations

1) Threats : An action or event that could have a negative impact on the Assets

eg. Realworld asset threats like theft/ modification /distruction of assets etc + Cyberworld asset threats like Denial of service/Hacking etc

2) Attack : Exploitation of a vulnerablity by a threat agent

eg. realworld example - a thief robbing aritcles from house. what does he do? he tries to exploit a vulnerability by threat agent (eg. watchman asleep / windows open etc)

in simple words Attack = Motive + Method + Vulnerability.

3) Vulnerability : Weaknes in the system safeguards that potentailly allows threats to exploit the system.

eg. Continuing our previous example Vulnerability is Whatchman falling asleep / Windows remaing open which invites the attention of threat agents(Thiefs) to exploit(theft) of systen (i.e. House)

4) Risk : Likelihood that a particular threat will exploit a particular vulnerability to cause harm to an asset.

eg. Probability that Watchman will be asleep or window might remain open during paricular time period under consideration (i.e. suppose watchman was asleep for 3-4 days during last 6 months, therefore probability will be 4/180)

5) Assets (layman laguage motive) : Tangible or intangible thing of value to the organisation. i.e existence/smooth fuctioning of enterpise depend on the Assets.

eg. Asset in our example is Article, Value of which depends on Importance to the owner of article (i.e. Vintage with highvalue or Artistic piece with moderate vale as compared to other articles.)

6) Exposure : Extent of loss ( both Financial as well as Loss of time) that will result if risk materialises

eg. Exposure is when Whatchman was asleep/ Window was open & Thief taking note of this Robbed the article.

7) Safeguard / Countermeasure : Anything which removes the vulnerability &/ protects against one or more specific Threats

eg. employing two watchman or appointing a caretaker to see if windows are closed etc

8) Residual risk : Any risk still remaining after the countermeasure are applied ( same concept as in Auditing)

9) Exploit : Defined way to breach the security through Vulnerability.

Was it usefull in understanding the concepts?

Any Query Relating to above?

Any request for simlification of any topic from any chapter of ISCA ( Max 3 Topics Cumulatively based on demand)

(Kindly Let me Know in Comments below)