Untitled Deck

Question 1

Asset

Answer 1

An item perceived as having value to an organization

Question 2

Attack vectors

Answer 2

The pathways attackers use to penetrate security defenses

Question 3

Authentication

Answer 3

The process of verifying who someone is

Question 4

Authorization

Answer 4

The concept of granting access to specific resources in a system

Question 5

Availability

Answer 5

The idea that data is accessible to those who are authorized to access it

Question 6

Biometrics

Answer 6

The unique physical characteristics that can be used to verify a person’s identity

Question 7

Confidentiality

Answer 7

The idea that only authorized users can access specific assets or data

Question 8

Confidentiality, integrity, availability (CIA) triad

Answer 8

A model that helps inform how organizations consider risk when setting up systems and security policies

Question 9

Detect (NIST)

Answer 9

A NIST core function related to identifying potential security incidents and improving monitoring capabilities to increase the speed and efficiency of detections

Question 10

Encryption

Answer 10

The process of converting data from a readable format to an encoded format

Question 11

Identify (NIST)

Answer 11

A NIST core function related to management of cybersecurity risk and its effect on an organization’s people and assets

Question 12

Integrity

Answer 12

The idea that the data is correct, authentic, and reliable

Question 13

National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF)

Answer 13

A voluntary framework that consists of standards, guidelines, and best practices to manage cybersecurity risk

Question 14

National Institute of Standards and Technology (NIST) Special Publication (S.P.) 800-53

Answer 14

A unified framework for protecting the security of information systems within the U.S. federal government

Question 15

Open Web Application Security Project/Open Worldwide Application Security Project (OWASP)

Answer 15

A non-profit organization focused on improving software security

Question 16

Protect (NIST)

Answer 16

A NIST core function used to protect an organization through the implementation of policies, procedures, training, and tools that help mitigate cybersecurity threats

Question 17

Recover (NIST)

Answer 17

A NIST core function related to returning affected systems back to normal operation

Question 18

Respond (NIST)

Answer 18

A NIST core function related to making sure that the proper procedures are used to contain, neutralize, and analyze security incidents, and implement improvements to the security process

Question 19

Risk

Answer 19

Anything that can impact the confidentiality, integrity, or availability of an asset

Question 20

Security audit

Answer 20

A review of an organization’s security controls, policies, and procedures against a set of expectations

Question 21

Security controls

Answer 21

Safeguards designed to reduce specific security risks

Question 22

Security frameworks

Answer 22

Guidelines used for building plans to help mitigate risk and threats to data and privacy

Question 23

Security posture

Answer 23

An organization’s ability to manage its defense of critical assets and data and react to change

Question 24

Threat

Answer 24

Any circumstance or event that can negatively impact assets