Domain 3 Flashcards
Audit
Independent review and examination of records and activities to assess the inadequacy of system controls, to ensure compliance with established policies and operational procedures
Crime Prevention through Environmental Design or CPTED
An architectural approach to the design of buildings and spaces which emphasizes passive features to reduce the likelihood of criminal activity
Defense in depth
Information security strategy integrating people, technology, and operations capabilities to establish variable barriers across multiple layers and missions of the organization
Discretionary access control or DAC
A certain amount of access control is left to the discretion of the object’s owner or anyone else who is authorized to control the object’s access
Encrypt
To protect private information by putting it into a form that can only be read by people who have permission to do so
Firewalls
Devices that enforce administrative security policies by filtering incoming traffic based on a set of rules
Insider threat
An entity with authorized access that has the potential to harm an information system through destruction, disclosure, modification of data, and/or denial of service
iOS
An operating system manufactured by Apple used for mobile devices
Layered defense
The use of multiple controls arranged in series to provide several consecutive controls to protect an asset; also called defense in depth
Linux
An operating system that is open source, making its source code legally available to end users
Log anomaly
A system irregularity that is identified when studying log entries, which could represent events of interest for further surveillance
Logging
Collecting and storing user activities in a log, which is a record of the events occurring within an organization’s systems and networks
Logical Access Control Systems
An automated system that controls an individual’s ability to access one or more computer system resources, such as a workstation, network, application or database
Mandatory Access Control
Access control that requires the system itself to manage access controls in accordance with the organization’s security policies
Man Trap
An entrance to a building or an area that requires people to pass through two doors with only one door opened at a time