Glossary Terms from Module 1-2 Flashcards
Define Assess
The fifth step of the NIST RMF that means to determine if established controls are implemented correctly
Define Authorize
The sixth step of the NIST RMF that refers to being accountable for the security and privacy risks that may exist in an organization
Define Business continuity
An organization’s ability to maintain their everyday productivity by establishing risk disaster recovery plans
Define Categorize
The second step of the NIST RMF that is used to develop risk management processes and tasks
Define External threat
Anything outside the organization that has the potential to harm organizational assets
Define Implement
The fourth step of the NIST RMF that means to implement security and privacy plans for an organization
Define Internal threat
A current or former employee, external vendor, or trusted partner who poses a security risk
Define Prepare
The first step of the NIST RMF related to activities that are necessary to manage security and privacy risks before a breach occurs
Define Monitor
The seventh step of the NIST RMF that means be aware of how systems are operating
Define Ransomware
A malicious attack where threat actors encrypt an organization’s data and demand payment to restore access
Define Risk
Anything that can impact the confidentiality, integrity, or availability of an asset
Define Risk mitigation
The process of having the right procedures and rules in place to quickly reduce the impact of a risk like a breach
Define Security posture
An organization’s ability to manage its defense of critical assets and data and react to change
Define Select
The third step of the NIST RMF that means to choose, customize, and capture documentation of the controls that protect an organization
Define Shared responsibility
The idea that all individuals within an organization take an active role in lowering risk and maintaining both physical and virtual security
