Domain 1 Flashcards
CIA
Confidentiality, Integrity, Availability
Confidentiality Tools
Encryption, Strong Passwords, MFA, least privileged access
Confidentiality Threats
Social Engineering, Key Loggers, IoT
Integrity Tools
Cryptography, Checksums, Hash, MD5, SHA1, SHA2
Digital Signatures
Access control
Integrity Threats
Alterations to data, Code Injections, Attacks on Encryption
Availability Tools
IPS/IDS, Patch Management, Redundancy on Hardware, SLAs
Availability Attacks
DDoS, physical, staff
Application Failures
Hardware Failure
BMIS
The Business Model for Information Security
Security BSC
Balanced Scorecard
4 Perspectives of Balanced Scorecard
Financial
Customer
Internal Processes
Innovation and Learning
BMIS Foundational Elements
Apex - Organization
People
Process
Technology
BMIS Organization
A network of people interacting, using processes to channel this interaction.
BMIS People
All the people of the organization: full-time, part-time, contractors, and consultants
BMIS Dynamic Interconnections
Culture, Emergence, Architecture, Enabling and Support, Governing, Human Factors
BMIS Process
The formal structure of all defined activities in the organization, which together help the organization achieve its strategic objectives.