Risk Identification, Monitoring and Analysis Flashcards
What is an acceptable use policy?
Administrative statement of what company-provided IT systems can be used for
What is annualized rate of occurrence (ARO)?
Number of times a risk event is anticipated to occur within a calendar year
Can Common Vulnerability and Exposures (CVE) data provide everything you need to secure your systems?
No, because customized needs are not provided for
What is an existential risk?
Risk of such impact that it can put a business out
How would you use CVE data?
As your own systems vulnerability assessment and to guide hardening efforts
What are MAO, MTO, and MTPOD?
- Maximum tolerable outage
- Maximum allowable outage
- Maximum tolerable period of disruption
Longest time that a system can be inoperable before intolerable damage is done to the business
What is SLE?
Single loss expectancy, the damages or loss anticipated by a single occurrence of a risk event
What ways can you assess risk?
Base it on the impacts or anticipated losses to organizational outcomes or goals
What is a zero-day exploit?
Exploitation of an unreported vulnerability in commercial or widely available software or firmware
What is the difference between security classification and categorization?
Classification determines the type and severity of the impact or loss of any aspect of the security of an information asset
Categorization groups together assets with the same classification or that share the same compliance requirements for security
What do SOAR systems approaches mean for security operations?
- Security orchestration, automation, and response (SOAR) brings together multiple security information systems and sources
- Provides workflows and playbooks to automate procedures and actions to control the operation of security systems
Together, these provide the organization with a combination of detailed insight based on analytics