I Flashcards

1
Q

Identity and access management (IAM)

A

Encapsulates people, processes and products to identify and manage the data used in an information system to authenticate users and grant or deny access rights to data and system resources. The goal of IAM is to provide appropriate access to enterprise resources.

2
Q

Impact analysis

A

A study to prioritize the criticality of information resources for the enterprise based on costs (or consequences) of adverse events. In an impact analysis, threats to assets are identified and potential business losses determined for different time periods. This assessment is used to justify the extent of safeguards that are required and recovery time frames. This analysis is the basis for establishing the recovery strategy.

3
Q

Incident response plan

A

Also called IRP. The operational component of incident management.

4
Q

Incident response

A

The response of an enterprise to a disaster or other significant event that may significantly affect the enterprise, its people or its ability to function productively. An incident response may include evacuation of a facility, initiating a disaster recovery plan (DRP), performing damage assessment and any other measures necessary to bring an enterprise to a more stable status.

5
Q

Incident

A

A violation or imminent threat of violation of computer security policies, acceptable use policies, guidelines or standard security practices

6
Q

Information security governance

A

The set of responsibilities and practices exercised by the board and executive management with the goal of providing strategic direction, ensuring that objectives are achieved, ascertaining that risk is managed appropriately and verifying that the enterprise’s resources are used responsibly.

7
Q

Information security program

A

The overall combination of technical, operational and procedural measures and management structures implemented to provide for the confidentiality, integrity and availability of information based on business requirements and risk analysis

8
Q

Information security

A

Ensures that, within the enterprise, information is protected against disclosure to unauthorized users (confidentiality), improper modification (integrity) and nonaccess when required (availability). Information security deals with all formats of information

9
Q

Infrastructure as a Service (IaaS)

A

Offers the capability to provision processing, storage, networks and other fundamental computing resources, enabling the customer to deploy and run arbitrary software, which can include operating systems (OSs) and applications

10
Q

Integrity

A

The guarding against improper information modification or destruction, and includes ensuring information nonrepudiation and authenticity

11
Q

Internal controls

A

The policies, procedures, practices and organizational structures designed to provide reasonable assurance that business objectives will be achieved and undesired events will be prevented or detected and corrected

12
Q

Internet service provider (ISP)

A

A third party that provides individuals and enterprises with access to the Internet and a variety of other Internet-related services

13
Q

Interruption window

A

The time that the company can wait from the point of failure to the restoration of the minimum and critical services or applications. After this time, the progressive losses caused by the interruption are excessive for the enterprise.

14
Q

Intrusion detection system (IDS)

A

Inspects network and host security activity to identify suspicious patterns that may indicate a network or system attack

15
Q

Intrusion detection

A

The process of monitoring the events occurring in a computer system or network to detect signs of unauthorized access or attack

16
Q

Intrusion prevention system (IPS)

A

A system designed to not only detect attacks, but also prevent the intended victim hosts from being affected by the attacks

17
Q

IP Security (IPSec)

A

A set of protocols developed by the Internet Engineering Task Force (IETF) to support the secure exchange of packets

18
Q

ISO/IEC 17799

A

This standard defines information’s confidentiality, integrity and availability controls in a comprehensive information security management system.

19
Q

ISO/IEC 27001

A

Information Security Management

20
Q

IT governance

A

The responsibility of executives and the board of directors; consists of the leadership, organizational structures and processes that ensure that the enterprise’s IT sustains and extends the enterprise’s strategies and objectives.

21
Q

IT steering committee

A

An executive-management-level committee that assists in the delivery of the IT strategy, oversees day-to-day management of IT service delivery and IT projects, and focuses on implementation aspects.

22
Q

IT strategic plan

A

A long-term plan (i.e., three- to five-year horizon) in which business and IT management cooperatively describe how IT resources will contribute to the enterprise’s strategic objectives (goals).

23
Q

IT strategy committee

A

A committee at the level of the board of directors to ensure that the board is involved in major IT matters and decisions.