S1 M4 Flashcards
CIS Control 10 - Malware Defenses
Assists companies in preventing the installation of malware onto their devices
CIS Control 11 - Data Recovery
Establishes data backup, testing, and restoration processes that allow organizations to effectively recover company assets to a pre-incident state
CIS Control 13 - Network Monitoring and Defense
Control establishes procedures for monitoring and defending a company’s network infrastructure against both internal and external threats
CIS Control 12 - Network Infrastructure Management
Control establishes procedures and tools for managing and securing a company’s network infrastructure
Denial of Service (DoS) attacks
Someone gains access to a system and overloads it with traffic so it is rendered useless
Ransomware
Attacker gains access to a system, blocks users out, and essentially holds the system for ransom until you pay them to get it back
CIS Control 14 - Security Awareness and Skills Training
Guides organizations to create a security awareness and training program to inform employees and reduce cybersecurity risk
CIS Control 15 - Service Provider Management
Helps organizations evaluate third-party service providers who handle sensitive data. If we are going to work with a service provider, we want to make sure they are on the same page about protecting our clients' data
CIS Control 16 - Application Software Security
Establishes safeguards that manage the entire life cycle of software that is acquired, hosted, or developed in-house to detect and resolve cybersecurity weaknesses before they are exploited
CIS Control 17 - Incident Response Management
Recommendations necessary to establish an incident response management program to detect and respond to cybersecurity attacks
CIS Control 18 - Penetration Testing
Someone internal to your organization simulates a cybersecurity attack in an effort to find and exploit a weak point