Terms Deck 6

Question 1

password cracker

Answer 1

A software utility that allows direct testing of user logon password strength by conducting brute-force password tests.

Question 2

MITRE ATT&CK

Answer 2

A knowledge base and framework of different attack techniques to understand and defend against an attacker.

Question 3

cyber kill chain

Answer 3

A framework that is used to track the steps or phases that an attacker goes through as part of an intrusion.

Question 4

disaster recovery planning (DRP)

Answer 4

A plan that spells out actions to be taken in case a business is hit with a natural or human-caused disaster.

Question 5

business continuity planning (BCP)

Answer 5

A plan that describes a long-term systems and services replacement and recovery strategy, designed for when a complete loss of facilities occurs. A business continuity plan prepares for automatic failover of critical services to redundant offsite systems.

Question 6

continuity of operations planning (COOP)

Answer 6

An initiative issued to ensure that government departments and agencies are able to continue operation in case of natural, human-caused, or technological threats and national security emergencies.

Question 7

SIEM dashboard

Answer 7

A set of tools that collects, correlates, and displays data feeds that support response activities.

Question 8

syslog

Answer 8

A system logging protocol used to send logs or messaging events to a server.

Question 9

chain of custody

Answer 9

The documentation of all transfers of evidence from one person to another, showing the date, time, reason for transfer, and signatures of both parties involved in the transfer. Chain of custody also refers to the process of tracking evidence from a crime scene to the courtroom.

Question 10

order of volatility

Answer 10

In the evidence collection process, collection that occurs from the most volatile component to the least volatile.

Question 11

e-discovery

Answer 11

The discovery process for electronically stored information.

Question 12

preventive control

Answer 12

A control that attempts to prevent unwanted events by inhibiting the free use of computing resources.

Question 13

detective control

Answer 13

A control that warns that physical security measures are being violated.

Question 14

corrective control

Answer 14

A control that is reactive and provides measures to reduce harmful effects or restore the system being impacted.

Question 15

deterrent control

Answer 15

A control that is intended to discourage individuals from intentionally violating information security policies or procedures.

Question 16

compensating control

Answer 16

An alternative control that is intended to reduce the risk of an existing or potential control weakness.

Question 17

physical control

Answer 17

A control that forms the outer line of physical defense against direct access to data.

Question 18

General Data Protection Regulation (GDPR)

Answer 18

A regulation intended to strengthen data protection for all individuals within the European Union (EU).

Question 19

Payment Card Industry Data Security Standard (PCI DSS)

Answer 19

A standard that governs the use and storage of credit card data.

Question 20

National Institute of Standards and Technology (NIST)

Answer 20

An agency within the U.S. Department of Commerce that is responsible for developing measurement standards, including standards for cybersecurity best practices, monitoring, and validation.

Question 21

International Organization for Standardization (ISO)

Answer 21

A body that provides best practice recommendations on information security management.

Question 22

Cloud Security Alliance (CSA)

Answer 22

A nonprofit organization that provides security best practices for cloud-based services and computing.

Question 23

acceptable use policy (AUP)

Answer 23

An organization’s policy that provides specific detail about what users may do with their network access, including email and instant messaging usage for personal purposes, limitations on access times, and the storage space available to each user.

Question 24

least privilege

Answer 24

An access control practice in which a logon is given only minimal access to resources required to perform its tasks.

Question 25

nondisclosure agreement (NDA)

Answer 25

A legally binding document that organizations might require of their employees and other people who come into contact with confidential information.

Question 26

service-level agreement (SLA)

Answer 26

A contract between two companies or a company and an individual that specifies, by contract, a level of service to be provided. Supplying replacement equipment within 24 hours of loss is a simple example of something an SLA might specify.

Question 27

memorandum of understanding (MOU)

Answer 27

A binding, collaborative agreement entered into by two or more parties.

Question 28

business partnership agreement (BPA)

Answer 28

A type of contract that establishes the responsibilities of each partner.

Question 29

interconnection security agreement (ISA)

Answer 29

An agreement between organizations that have connected or shared IT systems.

Question 30

risk acceptance

Answer 30

The process of recognizing a risk, identifying it, and then accepting that it is sufficiently unlikely or of such limited impact that corrective controls are not warranted.

Question 31

risk avoidance

Answer 31

A solution for eliminating a vulnerability that gives rise to a particular risk so that it is avoided altogether.

Question 32

risk transference

Answer 32

A strategy that involves moving risk to hosted providers who assume the responsibility for recovery and restoration or acquiring insurance to cover the costs of equipment theft or data exposure.

Question 33

risk mitigation

Answer 33

The reduction in likelihood or impact of a risk’s exposure.

Question 34

risk register

Answer 34

A specialized software program, cloud service, or master document that provides a method to record information about identified risks.

Question 35

single loss expectancy (SLE)

Answer 35

The expected cost per instance arising from the occurrence of a risk. The SLE is calculated as the product of the asset value and the risk’s exposure factor (a percentage of loss if a risk occurs).

Question 36

annualized loss expectancy (ALE)

Answer 36

The expected cost per year arising from a risk’s occurrence. It is calculated as the product of the single loss expectancy (SLE) and the annualized rate of occurrence (ARO).

Question 37

annualized rate of occurrence (ARO)

Answer 37

The number of times a given risk will occur within a single year.

Question 38

business impact analysis (BIA)

Answer 38

The process of determining the impacts that might result from the interruption of time-sensitive or critical business processes.

Question 39

recovery time objective (RTO)

Answer 39

A measure of the time in which a service should be restored during disaster recovery operations.

Question 40

recovery point objective (RPO)

Answer 40

The amount of time that can elapse during a disruption before the quantity of data lost during that period exceeds the business continuity plan’s maximum allowable threshold.

Question 41

mean time to repair (MTTR)

Answer 41

The average time that a device will take to recover from any failure.

Question 42

mean time between failures (MTBF)

Answer 42

The point in time at which a device will still be operational, denoting the average time a device will function before failing.

Question 43

personally identifiable information (PII)

Answer 43

Broadly, any data that can be used to identify an individual.

Question 44

privacy impact assessment (PIA)

Answer 44

An assessment needed for any organization that collects, uses, stores, or processes personal information such as PII or PHI.