Security Architecture is the design blueprint that best describes how the security countermeasures are positioned in the overall systems architecture. These are controls that keep the system’s security attributes such as confidentiality
IS Security Testing is an important process to identify the accuracy, completeness and efficiency of the IS Security arrangements. Penetration Testing is a dynamic testing and analysis of potential weaknesses. It helps to determine whether an Information System is vulnerable or prone to attacks and whether the controls are efficient, complete and competent to defend the attacks.
It uses methods like White Box, Gray Box or Black Box to systematically detect the different errors and shortcomings in the IS Security arrangements with least efforts and time. This also provides a higher reliability.
The Physical Access Controls and Logical Access Control mechanisms is used in a combination to control the access to the system. It is based on privilege management features. It sets a systematic procedure of identification of the user, authentication of his rights to access and managing the access controls. This gives a protection against unauthorised access, data leaks and compromise of Confidentiality and Integrity of data.