Definitions Flashcards

1
Q

Logical Assets

A

Assets that exist as data or intellectual property

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Physical Assets

A

those assets which are tangible objects and materials.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Information Security

2 definitions

A

Protecting information and information systems from unauthorized access, use, disclosure disruption, modification, or destruction.

Protect data and systems from those who seek to misuse them, intentionally or unintentionally, or those who shouldn’t have access at all.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

PCI DSS (Payment card industry data security standards are what?

A

Applies to companies that process credit card payments

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

FISMA (Federal Information Security Management Act)

A

Defines security standards for many federal agencies in the USA

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Confidentiality

A

Our ability to protect our data from those who are not authorized to use it.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Integrity

A

The ability to prevent people from changing your data in an unauthorized or undesirable manner.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Availability

A

Refers to the ability to access our data when we need it

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Parkerian Hexad?

A

a more thorough model for assessing information security than CIA.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Possession / Control

A

refers to the physical disposition of the media on which the data is stored.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Authenticity

A

Allows you to say whether you’ve attributed the data in question to it’s proper owner or creator

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Utility

A

How useful is the data to you?

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Interception Attack:

A

allows unauthorized users to access your data, applications or environments. Primarily attacks against confidentiality.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Data at Rest

A

stored data that isn’t in the process of being moved from one place to another

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Data in Motion

A

data in the process of being moved from one place to another

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Data in Use

A

data an application or individual is actively accessing or modifying.

17
Q

Modification Attacks

A

involves tampering with an asset

18
Q

Fabrication Attacks

A

Involves generating data, processes, communications, or other similar material with a system.

19
Q

Threats

A

something that has the potential to cause harm

20
Q

Vulnerability

A

Weakness, or holes that threats can exploit to cause you harm

21
Q

Risk

A

is the likelihood that something bad will happen

22
Q

Impact

A

used by some organizations like the NSA.

Takes into account the value of the asset being threatened and uses it to calculate the risk.

23
Q

What are controls?

A

Measures put into place to mitigate risks.

24
Q

What are physical controls?

A

Protect the physical environment in which your systems sit or where your data is stored.

25
Q

What are logical controls?

A

Protect the systems, networks, and environs that process, transmit, and store data

26
Q

What are administrative controls?

A

Based on rules, laws, policies, procedures, guidelines,and other items that are “paper” in nature.

Dictate how the users of your environment should behave?