Chapter 1 Vocabulary Flashcards
Integrity
Consistency, accuracy, and validity of data or information.
Availability
A resource being accessible to a user, application, or computer system when required (Accidental, Natural Disasters, Deliberate, etc.)
Risk Management
Process of identifying, assessing, and prioritizing threats and risks.
Risk
Probability that an event will occur.
Threat
Action or occurrence that could result in breach, outage, or corruption of a system by exploiting known or unknown vulnerabilities.
Risk Assessment
Used to identify risks that may impact an environment.
Risk Avoidance
The process of eliminating a risk by choosing not to engage in an action or activity.
Risk Acceptance
The act of identifying and then making an informed decision to accept the likelihood and impact of a specific risk.
Risk Mitigation
Taking steps to reduce likelihood or impact of risk.
Risk Transfer
Taking steps to move responsibility for a risk to a third party through insurance or outsourcing.
Principle of Least Privilege
Security discipline that requires that a particular user, system, or application be given no more privilege than necessary to perform a function or job.
Attack Surface
Consists of the set of methods and avenues an attacker can use to enter a system and potentially cause damage.
Social engineering
Methods used to gain access to data, systems, or networks, primarily through misrepresentation.
Access Control
Restricting access to a resource to only permitted users, applications, or computer systems.
Defense in Depth
Using multiple layers of security to defend one’s assets.
Mobile Devices
Laptops, PDAs, and smartphones are used to process information, send and receive mail, store enormous amounts of data, surf the Internet, and interact remotely with internal networks and systems.
Removable Devices
Storage device that is designed to be taken out of a computer without turning the computer off.
Flash Drive
Small drive based on flash memory.
Keylogger
Physical or logical device used to capture keystrokes.
Confidentiality
Characteristic of a resource ensuring access is restricted to only permitted users, applications, or computer systems (Public, Confidential, Strictly Confidential / Privileged, Unclassified, Restricted, etc.)