Domain 1 Flashcards
Security and Risk Management (e.g., Security, Risk, Compliance, Law, Regulations, Business Continuity)
Confidentiality
Seeks to prevent the unauthorized disclosure of information: it keeps data secret
Integrity
Seeks to prevent unauthorized modification of information. In other words, integrity seeks to prevent unauthorized write access to data. Integrity also seeks to ensure data that is written in an authorized manner is complete and accurate.
Availability
Ensures that information is available when needed
Subject
An active entity on an information system
Object
A passive data file
Annualized Loss Expectancy
The cost of loss due to a risk over a year
Threat
A potentially negative occurrence
Vulnerability
A weakness in a system
Risk
A matched threat and vulnerability
Safeguard
A measure taken to reduce risk
Total Cost of Ownership
The cost of a safeguard
Return on Investment
Money saved by deploying a safeguard
Disclosure
Unauthorized release of information
Alteration
The unauthorized modification of data
Destruction
Making systems or data unavailable