Foundation of Cybersecurity Module 1 Flashcards
What is Compliance?
is the process of adhering to internal standards and external regulations and enables organizations to avoid fines and security breaches.
What are Security frameworks?
are guidelines used for building plans to help mitigate risks and threats to data and privacy.
What are Security controls?
are safeguards designed to reduce specific security risks. They are used with security frameworks to establish a strong security posture.
What is Security posture?
is an organization’s ability to manage its defense of critical assets and data and react to change. A strong security posture leads to lower risk for the organization.
What is a Threat actor?
Any person or group who presents a security risk
What is an Internal threat?
Can be a current or former employee, an external vendor, or a trusted partner who poses a security risk. At times, an internal threat is accidental. For example, an employee who accidentally clicks on a malicious email link would be considered an accidental threat. Other times, the internal threat actor intentionally engages in risky activities, such as unauthorized data access.
What is Network security?
is the practice of keeping an organization’s network infrastructure secure from unauthorized access. This includes data, services, systems, and devices that are stored in an organization’s network.
What is Cloud security?
Is the process of ensuring that assets stored in the cloud are properly configured, or set up correctly, and access to those assets is limited to authorized users. The cloud is a network made up of a collection of servers or computers that store resources and data in remote physical locations known as data centers that can be accessed via the internet. Cloud security is a growing subfield of cybersecurity that specifically focuses on the protection of data, applications, and infrastructure in the cloud.
What is Persaonally Identifiable Information (PII)?
Any information used to infer and individual’s identity
What is sensitive personally identifable information (SPII)?
A specific type of PII that falls under stricter handling guidelines
What is identify theft?
Is the act of stealing personal information to commit fraud while impersonating a victim.
Why security matters for a business?
Because ensures business continuity, prevent data loss or leaks that may affect reputation, increases financial growth and referrals.
What is cybersecurity?
The practice of ensuring confidentiality, integrity, and availability of information by protecting networks, devices, people and data from unauthorized access or criminal exploitation.
What is a threat?
A threat is any circumstance or event that can negatively impact assets
