Study Notes

Question 1

the process of adhering to internal standards and external regulations and enables organizations to avoid fines and security breaches.

Answer 1

Compliance

Question 2

guidelines used for building plans to help mitigate risks and threats to data and privacy.

Answer 2

Security frameworks

Question 3

safeguards designed to reduce specific security risks. They are used with security frameworks to establish a strong security posture.

Answer 3

Security controls

Question 4

an organization’s ability to manage its defense of critical assets and data and react to change. A strong security posture leads to lower risk for the organization.

Answer 4

Security posture

Question 5

any person or group who presents a security risk. This risk can relate to computers, applications, networks, and data.

Answer 5

threat actor

Question 6

can be a current or former employee, an external vendor, or a trusted partner who poses a security risk. At times, an internal threat is accidental.

Answer 6

internal threat

Question 7

the practice of keeping an organization’s network infrastructure secure from unauthorized access. This includes data, services, systems, and devices that are stored in an organization’s network.

Answer 7

Network security

Question 8

the process of ensuring that assets stored in the cloud are properly configured, or set up correctly, and access to those assets is limited to authorized users

Answer 8

Cloud security

Question 9

a process that can be used to create a specific set of instructions for a computer to execute tasks. These tasks can include:

Automation of repetitive tasks (e.g., searching a list of malicious domains)

Reviewing web traffic 

Alerting suspicious activity

Answer 9

Programming