Security + CompTIA
Domain 5: Risk Management
Term | Definition |
---|---|
SLA | Service Level Agreement |
BPA | Business Partner Agreement |
MOU | Memorandum of Understanding (not signed) |
ISA | Interconnection Security Agreement - defines security controls, especially when US federal government systems are connecting to each other |
SLA, BPA, MOU & ISA are types of these | interoperability agreements - help mitigate risk when dealing with third parties |
Users that are responsible for creating or managing security policies | Executive users, data owners and system owners |
RTO | Recovery Time Objective - target time you set for the recovery of your IT and business activities after a disaster |
MTBF | Mean Time Between Failures - average time before a product requires a repair |
MTTR | Mean Time to Repair - average time it takes for a repair to take place, measured in hours |
MTTF | Mean Time To Failure - often referred to as "uptime"; the time a system is online between outages or failures |
Privacy Threshold Assessment | determines whether a system can contain personal information |
Privacy Impact Assessment | needed for any organization that collects, uses, stores or processes such information |
Risk Assessment | function of threat, vulnerability and impact |
Risk = (equation) | Threat x Vulnerability x Impact |
Risk Identification | includes asset identification, risk assessment, threat identification, classification and identification of vulnerabilities |
ALE | Annualized Loss Expectancy |
ALE Equation | SLE X ARO (Single Loss Expectancy X Annual Rate of Occurrence) |
Change Management | discipline that guides how we prepare, equip, and support individuals to successfully adopt change |
Incident Response Plans include | details surrounding incident categorization, prep roles, responsibilities, reporting requirements, escalation procedures, details on cyber incident response teams & training exercises |
Incident Response Process | 1. Preparation 2. Identification 3. Containment 4. Eradication 5. Recovery 6. Post-Incident |
Order of volatility | order in which evidence should be collected, from most volatile to least volatile (RAM and swap files being most volatile) |
Chain of Custody | ensures evidence is properly handled |
DRP | Disaster Recovery Plan - includes backup restoration, security recovery methods |
Differential Backup | Backup of all data altered since last full backup. |
Incremental | includes data changed since last incremental backup |
Preventive Control | computer login notification |
Compensating controls | used when a business or technological constraint exists and an alternate is effective in the current security threat landscape |