Module 1 Flashcards
Security Posture
An organization’s ability to manage its defense of critical assets and data, and react to change
Risk Mitigation
The process of having the right procedures and rules in place to quickly reduce the impact of a risk like a breach
Business Continuity
An organizations ability to maintain their everyday productivity by establishing risk disaster recovery plans
Shared Responsibility
All individuals within an organization take an active role in lowering risk and maintaining both physical and virtual security
IAM Components
Identification
Authentication
Authorization
Accountability
Threat
Any circumstance or event that can negatively impact assets
Risk
Anything that can impact the confidentiality, integrity, or availability of an asset
Low-Risk Asset
Information that would not harm the organization’s reputation or ongoing operations, and would not cause financial damage if compromised
Medium-Risk Asset
Information that’s not available to the public and may cause some damage to the organizations finances, reputation, or ongoing operations
High-Risk Asset
Information protected by regulations or laws, which if compromised would have a severe negative impact on an organizations finances, ongoing operations, or reputation
Vulnerability
Weakness that can be exploited by a threat
Risk Management Framework(RMF)
Prepare
Categorize
Select
Implement
Assess
Authorize
Monitor
RMF Step 1: Prepare
Activities that are necessary to manage security and privacy risks before a breach occurs
RMF Step 2: Categorize
Used to develop risk management processes and tasks
RMF Step 3: Select
Choose, customize, and capture documentation of the controls that protect an organization
RMF Step 4: implement
Implement security and privacy plans for the organization
RMF Step 5: Assess
Determine if established controls are implemented correctly
RMF Step 6: Authorize
Being accountable for the security and privacy risks that may exist in an organization
RMF Step 7: Monitor
Be aware of how systems are operating
