Vocab 3 Flashcards

1
Q

The level of certainty that an incident will occur; often expressed statistically as a probability of occurrence.

A

likelihood

2
Q

A security concept that requires an individual have an actual requirement to access systems or data, based upon their job requirements.

A

need-to-know

3
Q

The U.S. Department of Commerce’s National Institute of Standards and Technology.

A

NIST

4
Q

The overall risk management methodology published and promulgated by the National Institute of Standards and Technology (NIST).

A

NIST Risk Management Framework (RMF)

5
Q

The security concept that requires an individual to be accountable for their actions, such that they cannot deny that they took an action.

A

nonrepudiation

6
Q

The Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) methodology developed by Carnegie Mellon University and the U.S. government to assist organizations in identifying and assessing information security risk.

A

OCTAVE

7
Q

Passive tools listen for network traffic or monitor the hosts they reside on, quietly and with little to no impact on the ongoing operations; used when there is a desire for no interference with daily activities.

A

passive tools

8
Q

A set of security requirements levied on merchants that process credit card transactions by the major payment card industry providers, including Discover, Visa, MasterCard, and American Express. PCI-DSS was developed in an effort to impose security requirements and controls on retailers (merchants and service providers) in order to reduce credit card fraud and identity theft.

A

PCI-DSS

9
Q

Designed to exploit weaknesses on a system based on their having been exploited, not just the probability.

A

penetration testing

10
Q

A hardware or software infrastructure upon which to base computing operating systems, applications, and networks. It may involve different operating systems, network protocols, or particular types of hardware.

A

platform

11
Q

Allows a tester to determine which ports on the system are listening for requests.

A

port scanner

12
Q

A grouping of programs, managed as a whole. Portfolio management is the oversight and management of several different programs by a senior person in the organization.

A

portfolio

13
Q

A proven, standardized methodology or way of performing particular tasks or processes.

A

practice

14
Q

A grouping of similar projects; programs are usually ongoing and longer-term in nature and may also encompass several individual projects, as well as other activities specific to processes that may have an indefinite duration.

A

program

15
Q

A limited-duration set of activities geared toward a particular goal; projects have definitive start and stop dates, resource allocations, scope, schedule, and costs.

A

project

16
Q

A set of processes covering a defined project from start to finish, generally looking to cut costs such as time, scope, and overall project cost.

A

project management