Cybersecurity Frameworks Flashcards
What is the NIST Cybersecurity Framework?
A set of guidelines and best practices for managing and reducing cybersecurity risk.
What are the five core functions of the NIST Cybersecurity Framework?
Identify, Protect, Detect, Respond, Recover.
What is ISO/IEC 27001?
An international standard that provides requirements for an information security management system (ISMS).
What is the CIS Controls framework?
A set of prioritized cybersecurity best practices developed by the Center for Internet Security (CIS) to defend against cyber threats.
What is COBIT?
Control Objectives for Information and Related Technologies (COBIT) is a framework for the governance and management of enterprise IT.
What is the purpose of a risk assessment in a cybersecurity framework?
To identify potential threats and vulnerabilities to a system and assess their impact.
What is GDPR?
General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for the collection and processing of personal information in the European Union.
What is PCI DSS?
The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that all companies that process credit card information maintain a secure environment.
What is the MITRE ATT&CK framework?
A globally accessible knowledge base of adversary tactics and techniques based on real-world observations.
What is the purpose of a cybersecurity maturity model?
To assess an organization’s cybersecurity capabilities and help improve them over time.
What is FISMA?
The Federal Information Security Management Act (FISMA) requires federal agencies to develop, document, and implement an information security and protection program.
What is CMMC?
Cybersecurity Maturity Model Certification (CMMC) is a framework for ensuring cybersecurity practices are followed by contractors working with the Department of Defense (DoD).
