Help
Options
Didn't know it?
click below
click below
Knew it?
click below
click below
Don't Know
Remaining cards (0)
Know
retry
shuffle
restart
0:00
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.
Normal Size Small Size show me how
Normal Size Small Size show me how
Chapter 14 Terms
Security
| Term | Definition |
|---|---|
| Acceptable Use Policy | A policy that defines the actions users may perform while accessing systems and netoworking equipment |
| Annualized Loss Expectancy | The expected monetary loss that can be anticipated for an asset due to a risk over a one year period |
| Annualized Rate of Occurrance | The likelihood of risk occuring within a year |
| Change Management | A methodology for making modifications to a system and keeping track of those changes |
| Data policy | A security policy that addresses the different aspects of how data should be handled within an organization |
| Data Retention Policy | A security policy that outlines how long to maintain information in the users possession |
| Data Storage policy | A set of procedures designed to control and manage data within the organization by specification |
| Data Wiping and Disposing Policy | A security policy that addresses how and when data will ultimately be erased |
| False Negative | an event that does not appear to be a risk but actually turns out to be one |
| False Positive | An event that in the beginning is considered to be a risk yet turns out to not be one |
| Incident Management | The framework and functions required to enable incident response and incident handling within an organization |
| Management Risk Control Type | A type or risk control that is administrative and covers the laws regulations policys practices and guidlines that govern the overall requriements and controls |
| Mean Time to Failure | The average amount of time expected until the first failure of a piece of equipment |
| Operational Risk Control Type | Risk control type that covers the operational procedures to limit risk |
| Peer to Peer Network | A network that does not have servers so each device simultaneously functions as both a client and a server to all other devices connected to the network |
| Privacy Policy | A security policy that outlines how the organization uses personal information it collects |
| Qualitative Risk Calculation | An approach to risk calculation that attempts to create actual numbers of the risk by using historical data |
| Role based Training | Specialized training that is customized to the specific role that an employee holds in the organization |
| Security Policy | A written document that states how an organization plans to protct the companys information technology assets |
| Single Loss Expectancy | The expected monetary loss every time a riks occurs |
| Social Networking | Grouping individuals and organizations into clusters or groups based on a like affiliation |
| Technical Risk Control Type | A risk control type that involves using technology to control risk. |
Created by:
1019660571411816
Popular Computers sets