Acceptable Use Policy

A policy that defines the actions users may perform while accessing systems and netoworking equipment

Annualized Loss Expectancy

The expected monetary loss that can be anticipated for an asset due to a risk over a one year period

Annualized Rate of Occurrance

The likelihood of risk occuring within a year

A methodology for making modifications to a system and keeping track of those changes

A security policy that addresses the different aspects of how data should be handled within an organization

Data Retention Policy

A security policy that outlines how long to maintain information in the users possession

A set of procedures designed to control and manage data within the organization by specification

Data Wiping and Disposing Policy

A security policy that addresses how and when data will ultimately be erased

an event that does not appear to be a risk but actually turns out to be one

An event that in the beginning is considered to be a risk yet turns out to not be one

The framework and functions required to enable incident response and incident handling within an organization

Management Risk Control Type

A type or risk control that is administrative and covers the laws regulations policys practices and guidlines that govern the overall requriements and controls

The average amount of time expected until the first failure of a piece of equipment

Operational Risk Control Type

Risk control type that covers the operational procedures to limit risk

A network that does not have servers so each device simultaneously functions as both a client and a server to all other devices connected to the network

A security policy that outlines how the organization uses personal information it collects

Qualitative Risk Calculation

An approach to risk calculation that attempts to create actual numbers of the risk by using historical data

Specialized training that is customized to the specific role that an employee holds in the organization

A written document that states how an organization plans to protct the companys information technology assets

Single Loss Expectancy

The expected monetary loss every time a riks occurs

Grouping individuals and organizations into clusters or groups based on a like affiliation

Technical Risk Control Type

A risk control type that involves using technology to control risk.

Help

Options

focusNode

Didn't know it?
click below

Knew it?
click below

Don't Know

Remaining cards (0)

Know

retry

shuffle

restart

0:00

Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.

Normal Size Small Size show me how

Chapter 14 Terms

Security

Term	Definition
Acceptable Use Policy	A policy that defines the actions users may perform while accessing systems and netoworking equipment
Annualized Loss Expectancy	The expected monetary loss that can be anticipated for an asset due to a risk over a one year period
Annualized Rate of Occurrance	The likelihood of risk occuring within a year
Change Management	A methodology for making modifications to a system and keeping track of those changes
Data policy	A security policy that addresses the different aspects of how data should be handled within an organization
Data Retention Policy	A security policy that outlines how long to maintain information in the users possession
Data Storage policy	A set of procedures designed to control and manage data within the organization by specification
Data Wiping and Disposing Policy	A security policy that addresses how and when data will ultimately be erased
False Negative	an event that does not appear to be a risk but actually turns out to be one
False Positive	An event that in the beginning is considered to be a risk yet turns out to not be one
Incident Management	The framework and functions required to enable incident response and incident handling within an organization
Management Risk Control Type	A type or risk control that is administrative and covers the laws regulations policys practices and guidlines that govern the overall requriements and controls
Mean Time to Failure	The average amount of time expected until the first failure of a piece of equipment
Operational Risk Control Type	Risk control type that covers the operational procedures to limit risk
Peer to Peer Network	A network that does not have servers so each device simultaneously functions as both a client and a server to all other devices connected to the network
Privacy Policy	A security policy that outlines how the organization uses personal information it collects
Qualitative Risk Calculation	An approach to risk calculation that attempts to create actual numbers of the risk by using historical data
Role based Training	Specialized training that is customized to the specific role that an employee holds in the organization
Security Policy	A written document that states how an organization plans to protct the companys information technology assets
Single Loss Expectancy	The expected monetary loss every time a riks occurs
Social Networking	Grouping individuals and organizations into clusters or groups based on a like affiliation
Technical Risk Control Type	A risk control type that involves using technology to control risk.

Created by: 1019660571411816

Popular Computers sets

Definitions for Word Processing and the main parts of the MS Word 2010 window

WP Page Formatting

WP Paragraph Formatting terms

Review business letter parts

Review the three paragraph formats (block, indented, hanging indent)

WP font formatting features in Word 2010

Arkansas CBA unit 1 Hardware

"Know" box contains:
Time elapsed:
Retries: