Chapter 8 Sec +

Question 1

AV

Answer 1

Asset Value

Question 2

EF

Answer 2

Exposure Factor
Is the portion of an Asset that we expect would be DAMAGED if a risk materializes

Question 3

SLE

Answer 3

Single loss expectancy
Is the combination of AF×EF=SLE
Asset worth 10,000AV x
Exposure Factor 40% .4
10,000x.4=$4000 || SLE 4000

Question 4

ARO

Answer 4

Annualized Rate of Occurrence
Indicates how many times the loss will occur in a year
If aro is less then 1 it’s represented in decimal

Question 5

ALE

Answer 5

Annual Loss Expectancy
SLE x ARO =ALE
5000 x 6 = 30000
30000 will be the annual cost of replacing the gear

Question 6

CVE

Answer 6

Common Vulnerabilities and Exposures

Question 7

CVSS

Answer 7

Common Vulnerability Scoring System
Assesses vulnerabilities and assigns severity score in a range from 0 to 10

Question 8

RD

Answer 8

Responsible Disclosure
Programs for vulnerability enabled individuals and orgs to report security vulnerabilities or weakness they’ve found

Question 9

CIS

Answer 9

center for Internet security

Question 10

ISMS

Answer 10

Information Security Management System

Question 11

PIMS

Answer 11

Privacy Information Management system.

Question 12

RMF

Answer 12

Risk Management Framework
7 steps
Prepare
Categorize
Select
Implement
Access
Authorize
Monitor

Question 13

CSF

Answer 13

Cyber security Framework
Includes 3 components

Core- a set of activities that an org can select to achieve desired outcome

Tiers- helps an org identify how it views risks

Profile- provides a list of outcomes based on its needs and risk management

Question 14

SCAP

Answer 14

Security Content Automation Protocol

Is designed to facilitate communicate between Vulnerability Scanners and other Security Management Tools

Question 15

KRI

Answer 15

Key Risk Indicators

Are Metrics used to measure and Monitor the Level of Risk associated with a particular Activity, Process, or system.