Chapter 1 Risk Management Flashcards
What does CASB stand for?
CASB stands for Cloud Access Security Broker.
How does the speaker describe CASBs?
The speaker describes CASBs as security policy enforcement points that ensure the safety and security of cloud-based resources by interjecting enterprise security policies.
What is an asset in the context of risk management?
An asset refers to valuable elements within an IT infrastructure, such as data, equipment, people, and services.
How is likelihood defined in risk management?
Likelihood refers to the probability of an event occurring over time in relation to an IT infrastructure.
Who are threat actors?
Threat actors are individuals, organizations, or entities that have the potential to engage in harmful activities or actions against an IT infrastructure.
What are some examples of threat actors mentioned in the video?
Some examples of threat actors mentioned include hackers, hacktivists, script kiddies, insiders, competitors, shadow IT, criminal syndicates, and state actors.
What is vulnerability in the context of risk management?
Vulnerability refers to weaknesses or flaws in the protection of an asset within an IT infrastructure.
How is remediation related to risk management?
Remediation involves taking actions to reduce or eliminate threats by addressing vulnerabilities and implementing appropriate security measures.
What does the CIA Security Triad stand for?
The CIA Security Triad stands for Confidentiality, Integrity, and Availability.
How is vulnerability defined in the context of risk management?
Vulnerability refers to weaknesses or flaws in the protection of an asset within an IT infrastructure.
What are some examples of attack vectors
weak configurations, open firewall ports, lack of security awareness among end-users, lack of multi-factor authentication (MFA), missing patches, and infected USB thumb drives.
What is a supply-chain attack?
A supply-chain attack refers to an attack that targets the process or entities involved in delivering a product or service, such as third-party suppliers or contractors. Organizations may use right-to-audit clauses in contractual agreements to ensure compliance with laws, regulations, or data security standards.
How can Microsoft Azure’s Security Center help identify vulnerabilities?
Microsoft Azure’s Security Center automatically monitors cloud resources and provides recommendations for addressing vulnerabilities. These recommendations can help organizations prioritize and implement security measures to protect their infrastructure.
Why is threat intelligence important in cybersecurity?
Threat intelligence is important to stay informed about the latest threats, prevent attacks, and enable proactive incident response.
What is the CIA Security Triad and what does it stand for?
The CIA Security Triad stands for Confidentiality, Integrity, and Availability, which are key elements in cybersecurity.
What are some examples of threat intelligence sources?
Threat intelligence sources include closed or proprietary information services, open-source intelligence (OSINT), Common Vulnerabilities and Exposures (CVEs), and the Dark Web.
How is threat intelligence shared among different software programs and enterprises?
Threat intelligence is shared through Automated Indicator Sharing (AIS) using the Structured Threat Information eXpression (STIX) format and the Trusted Automated eXchange of Indicator Information (TAXII) standard.
How can graphical representations and maps help with threat intelligence?
Graphical representations and maps provide visualizations of threats, such as live geographical maps showing malware activity, which help in understanding the geographic scope and trends of attacks.
What are some examples of risk vectors in IT security?
Examples include mission-critical systems, data, third-party access, and physical security measures.
Name some frameworks and standards used in risk management.
NIST RMF, CIS, and ISO/IEC standards are commonly used in risk management.