C Flashcards

1
Q

Capability Maturity Model Integration (CMMI)

A

An integrated model of best practices that enable businesses to improve performance by improving their processes. Product teams developed the model with global members from across industry. The CMMI provides a best-practice framework for building, improving, and sustaining process capability.

2
Q

Certificate (Certification) authority (CA)

A

A trusted third party that serves authentication infrastructures or enterprises and registers entities and issues them certificates

3
Q

Certificate revocation list (CRL)

A

An instrument for checking the continued validity of the certificates for which the certification authority (CA) has responsibility

4
Q

Certification practice statement (CPS)

A

A detailed set of rules governing the certificate authority’s operations. It provides an understanding of the value and trustworthiness of certificates issued by a given certificate authority (CA).

5
Q

Chain of custody

A

The process of evidence handling from collection to presentation that is necessary to maintain the validity and integrity of evidence

6
Q

Challenge/response token

A

A method of user authentication that is carried out through use of the Challenge Handshake Authentication Protocol (CHAP).

7
Q

Change management

A

A methodical approach for controlling and implementing changes in a planned and structured manner (CMMI)

8
Q

Change management

A

A holistic and proactive approach to managing the transition from a current to a desired organizational state, focusing specifically on the critical human or “soft” elements of change (ISACA)

9
Q

Checksum

A

A checksum value is generated by an algorithm and associated with an input value and/or whole input file. The checksum value can be used to assess its corresponding input data or file later and verify that the input has not been maliciously altered. If a subsequent checksum value no longer matches the initial value, the input may have been altered or corrupted.

10
Q

Chief information officer (CIO)

A

The most senior official of the enterprise who is accountable for IT advocacy, aligning IT and business strategies, and planning, resourcing and managing the delivery of IT services, information and the deployment of associated human resources

11
Q

Chief information security officer (CISO)

A

The person in charge of information security within the enterprise

12
Q

Chief security officer (CSO)

A

The person usually responsible for all physical and digital security matters in an enterprise

13
Q

Chief technology officer (CTO)

A

The individual who focuses on technical issues in an enterprise.

14
Q

COBIT

A

A broad and comprehensive I&T governance and management framework that continues to establish itself as a generally accepted framework for I&T governance. Formerly known as Control Objectives for Information and related Technology.

15
Q

Compensating control

A

An internal control that reduces the risk of an existing or potential control weakness resulting in errors and omissions.

16
Q

Computer forensics

A

The application of the scientific method to digital media to establish factual information for judicial review

17
Q

Confidentiality

A

Preserving authorized restrictions on access and disclosure, including means for protecting privacy and proprietary information

18
Q

Content filtering

A

Controlling access to a network by analyzing the contents of the incoming and outgoing packets and either letting them pass or denying them based on a list of rules.

19
Q

Contingency plan

A

A plan used by an enterprise or business unit to respond to a specific systems failure or disruption.

20
Q

Contingency planning

A

Process of developing advance arrangements and procedures that enable an enterprise to respond to an event that could occur by chance or unforeseen circumstances.

21
Q

Continuous monitoring

A

The process implemented to maintain a current security status for one or more information systems or for the entire suite of information systems on which the operational mission of the enterprise depends.

22
Q

Control center

A

Hosts the recovery meetings where disaster recovery operations are managed

23
Q

Control

A

The means of managing risk, including policies, procedures, guidelines, practices or organizational structures, which can be of an administrative, technical, management or legal nature

24
Q

Corporate governance

A

The system by which enterprises are directed and controlled. The board of directors is responsible for the governance of their enterprise. It consists of the leadership and organizational structures and processes that ensure the enterprise sustains and extends strategies and objectives.

25
Q

COSO

A

Committee of Sponsoring Organizations of the Treadway Commission

26
Q

Cost-benefit analysis

A

An analysis that relies on the addition of positive factors and the subtraction of negative factors to determine a net result, and is a method used to build a business case to support a risk response.

27
Q

Countermeasure

A

Any process that directly reduces a threat or vulnerability

28
Q

Criticality analysis

A

An analysis to evaluate resources or business functions to identify their importance to the enterprise, and the impact if a function cannot be completed or a resource is not available.

29
Q

Criticality

A

The importance of a particular asset or function to the enterprise, and the impact if that asset or function is not available

30
Q

Cryptography

A

The study of mathematical techniques related to aspects of information security, such as confidentiality, data integrity, entity authentication and data origin authentication

31
Q

Cyclical redundancy check (CRC)

A

A method to ensure that data have not been altered after being sent through a communication channel