Security Chapter 1
| Term | Definition |
|---|---|
| acceptance | Taking no action to address an acknowledged risk. |
| accounting | Tracking events. |
| Advanced Persistent Threat | Multilayer intrusion campaign that targets highly sensitive economic, proprietary, or national security information. |
| asset | An item that has value. |
| authentication | Steps ensuring an individual is who they claim to be. |
| authorization | The act of providing permission or approval to technological resources. |
| availability | Security actions that ensure data is accessible to authorized users. |
| broker | An attacker who sells knowledge of vulnerabilities to other attackers or governments. |
| Bring Your Own Device | The practice of allowing users to connect personal devices to organizational networks. |
| California's Security Breach Notification Act | The first state electronic privacy law, which covers any state, agency, person, or company that does business in California. |
| cybercrime | Targeted attacks against technological systems. |
| cybercriminals | A network of attackers, identity thieves, spammers, and financial fraudsters. |
| confidentiality | Security actions which ensure only authorized parties can view information. |
| Cyber Kill Chain (TM) | A stupid name made up by Lockheed Martin outlining the steps of a cyber attack. |
| cyberterrorism | A premeditated, politically motivated attack against information systems which can result in violence. |
| cyberterrorist | An attacker with ideological, instead of financial, goals. |
| deterrence | Understanding the attacker and informing them of the consequences of their actions. |
| exploit kit | An automated attack package that can be used by laymen. |
| Gramm-Leach-Bliley Act | A US law that requires banks and financial institutions to alert customers of their policies about disclosing customer information. |
| hacktivist | A baby cyberterrorist. |
| HIPAA | A US law designed to guard protected health information and implement policies to safeguard it. |
| Identity Theft | Stealing another person's personal information. |
| information security | The tasks of protecting the integrity, confidentiality, and availability of information on the devices that store, manipulate, and transmit the information through products, people, and procedures. |
| insiders | Employees, contractors, and business partners capable of being responsible for a cyber attack. |
| integrity | Security actions which verify correct information to ensure it hasn't been tampered with. |
| mitigation | Addressing a risk by reducing the severity. |
| PCI DSS | A set of security standards that all U.S. companies processing, storing, or transmitting credit card information must follow. |
| risk avoidance | Identifying the risk but making the decision to not engage in the activity. |
| Sarbanes-Oxley Act | A U.S. law designed to fight corporate corruption. |
| script kiddie | Individual who lacks advanced knowledge of computers and networks and so uses downloaded automated attack software to attack information systems. |
| state-sponsored attacker | Attacker commissioned by governments to attack enemies' information systems. |
| threat agent | A person or element that has the power to carry out a threat. |
| threat likelihood | The probability that a threat will actually occur. |
| threat vector | The means by which an attack could occur. |
| transference | Transferring the risk to a third party. |
| vulnerability | A flaw or weakness that allows a threat agent to bypass security. |
| Nitroglycerine | An explosive agent which can help reduce the likelihood and damage of a heart attack. Get well soon, Robert. |