Ch 15 Key Terms Flashcards
permission to perform a cyber security test
penetration verification acceptance
vulnerability testing authorization
variance
vulnerability verification acceptance
vulnerability testing authorization
calculates the average amount of time until a component fails
mean time between failures (MTBF)
mean time to failure (MTTF)
Failure in time (FIT)
mean time to recovery (MTTR)
mean time between failures (MTBF)
prevents the threat from coming in contact with a vulnerability
deterrent control
preventive control
executive control
administrative controls
preventive control
average amount of time it will take a device to recover
mean time to failure (MTTF)
Failure in time (FIT)
mean time to recovery (MTTR)
mean time between failures (MTBF)
mean time to recovery (MTTR)
sustained and continual surveillance
secure configuration guides
configuration validation
scalability
continuous monitoring
continuous monitoring
intended to mitigate the damage caused by the incident
detective control
preventive control
corrective control
compensating control
corrective control
propose change of IT systems; approved by the ______
change management chairperson
computer change management
change management board
change management team
change management team
policy that defines the actions users may perform
executive policy
social media network
role-based awareness training
acceptable use policy
acceptable use policy
using technology to automate IT processes
artificial intelligence
automated course of action
automation
IT automation
automation
states how a company plans to protect its IT assets
social media network
role-based awareness training
executive policy
security policy
security policy
of human origin, such as the vandalism of a wireless antenna
physical threat
natural threat
manmade threat
risk assessment
manmade threat
compiled historical data; determine the likelihood of a risk
ARI
ARO
SLE
ALE
ARO
security controls carried out or managed by devices
corrective control
technical controls
compensating control
preventive control
technical controls
intended to minimize security risks of data transmitted across the network
Blanket Purchase Agreement (BPA)
Memorandum of Understanding (MOU)
Interconnection Security Agreement (ISA)
Systems Security Agreement (SSA)
Interconnection Security Agreement (ISA)
a network that moves a product from the supplier to customer
assessment
supply chain assessment
retail assessment
supply chain
supply chain
permission to perform a cyber security test
penetration testing authorization
vulnerability verification acceptance
variance
penetration verification acceptance
penetration testing authorization
ensure unwanted data is not carried forward; temporary
persistence tools
non-persistence tools
persistence
live boot media
non-persistence tools
a subject’s access level over an object
least privilege
object ramification
least privilege management
privilege
privilege
help IT security personnel configure hardware devices and software
security guides
configuration validation
secure configuration guides
scalability
secure configuration guides
the processes for ensuring that policies are carried out
security control
administrative controls
physical control
executive control
administrative controls
wrap-up meeting between a management representative and a person leaving
out-bound interview
in-bound interview
Non-Disclosure Agreement (NDA)
exit interview
exit interview
an educated guess based on observation
qualitative calculation
qualitative risk calculation
quantitative risk
quantitative risk calculation
qualitative risk calculation
outlines acceptable employee use of social media to be enforced
tweeter media network
social media network
social media policy
group-based affiliation
social media policy
process of authenticating information given to a potential employer
in-bound interview
security background check
background check
welcome interview
background check