KMN

Question 1

Key goal indicator (KGI)

Answer 1

A measure that tells management, after the fact, whether an IT process has achieved its business requirements; usually expressed in terms of information criteria.

Question 2

Key performance indicator (KPI)

Answer 2

A performance indicator or key performance indicator is a type of performance measurement

Question 3

Key risk indicator (KRI)

Answer 3

A subset of risk indicators that are highly relevant and possess a high probability of predicting or indicating important risk

Question 4

Mail relay server

Answer 4

An electronic mail (e-mail) server that relays messages so that neither the sender nor the recipient is a local user.

Question 5

Malware

Answer 5

Short for malicious software. Designed to infiltrate, damage or obtain information from a computer system without the owner’s consent. Examples of malware include computer viruses, worms, Trojan horses, spyware and adware.

Question 6

Mandatory access control (MAC)

Answer 6

Logical access control filters used to validate access credentials that cannot be controlled or modified by normal users or data owners

Question 7

Man-in-the-middle attack (MITM)

Answer 7

An attack strategy in which the attacker intercepts the communication stream between two parts of the victim system and then replaces the traffic between the two components with the intruder’s own, eventually assuming control of the communication

Question 8

Masqueraders

Answer 8

Attackers that penetrate systems by using the identity of legitimate users and their logon credentials

Question 9

Maximum tolerable outages (MTO)

Answer 9

Maximum time that an enterprise can support processing in alternate mode

Question 10

Media access control (MAC)

Answer 10

Lower sublayer of the OSI Model Data Link layer

Question 11

Message authentication code

Answer 11

An American National Standards Institute (ANSI) standard checksum that is computed using Data Encryption Standard (DES).

Question 12

Message digest

Answer 12

A cryptographic hash function takes an input of an arbitrary length and produces an output (also known as a message digest) that is a standard-sized binary string. The output is unique to the input in such a way that even
a minor change to the input results in a completely different output. Modern cryptographic hash functions are
also resistant to collisions (situations in which different inputs produce identical output); a collision, while possible, is statistically improbable. Cryptographic hash functions are developed so that input cannot be determined readily from the output. See Hash.

Question 13

Mirrored site

Answer 13

An alternate site that contains the same information as the original

Question 14

Mobile site

Answer 14

The use of a mobile/temporary facility to serve as a business resumption location. The facility can usually be delivered to any site and can house information technology and staff.

Question 15

Monitoring policy

Answer 15

Rules outlining or delineating the way in which information about the use of computers, networks, applications and information is captured and interpreted

Question 16

Net present value (NPV)

Answer 16

Calculated by using an after-tax discount rate of an investment and a series of expected incremental cash outflows (the initial investment and operational costs) and cash inflows (cost savings or revenues) that occur at
regular periods during the life cycle of the investment.

Question 17

Network address translation (NAT)

Answer 17

A methodology of modifying network address information in IP datagram packet headers while they are in transit across a traffic routing device for the purpose of remapping one IP address space into another

Question 18

Nonintrusive monitoring

Answer 18

The use of transported probes or traces to assemble information, track traffic and identify vulnerabilities.

Question 19

Nonrepudiation

Answer 19

The assurance that a party cannot later deny originating data; provision of proof of the integrity and origin of the data and that can be verified by a third party