Basics Flashcards
Words used in Cybersecurity
Compliance
The process of adhering to internal standards and external regulations.
Security Frameworks
Guidelines used for building plans to help mitigate risks and threats to data and privacy.
Security Controls
Safeguards designed to reduce specific security risks. They are used with security frameworks to establish a strong security posture.
Security Posture
An organization’s ability to manage its defense of critical assets and data and to react to change. A strong security posture leads to lower risk for the organization.
Threat Actor
Also called a malicious person. Any person or group who presents a risk to computers, applications, networks, or data.
Internal threat
A current or former employee, external vendor, or trusted partner who poses a security risk.
Network security
The practice of keeping an organization’s network infrastructure secure from unauthorized access. This includes data, services, systems, and devices that are stored in an organization’s network.
Cloud security
The process of ensuring that assets stored in the cloud are properly configured, or set up correctly, and that access to those assets is limited to authorized users.
SIEM
Security information and event management. A tool that collects and analyzes data in computers and networks in an organization. It monitors unusual login behavior.
IDSs
Intrusion detection systems. A system that monitors activity and alerts for possible intrusions.
PII
Personally Identifiable Information. Any information used to infer an individual's identity (full name, date of birth, physical address, phone number, email address, internet protocol (IP) address).
SPII
Sensitive Personally Identifiable Information. A specific type of PII that falls under stricter handling guidelines (social security numbers, medical or financial information, and biometric data such as face recognition).