Save
Busy. Please wait.
Log in with Clever
or

show password
Forgot Password?

Don't have an account?  Sign up 
Sign up using Clever
or

Username is available taken
show password


Make sure to remember your password. If you forget it there is no way for StudyStack to send you a reset link. You would need to create a new account.
Your email address is only used to allow you to reset your password. See our Privacy Policy and Terms of Service.


Already a StudyStack user? Log In

Reset Password
Enter the associated with your account, and we'll email you a link to reset your password.
focusNode
Didn't know it?
click below
 
Knew it?
click below
Don't Know
Remaining cards (0)
Know
0:00
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.

  Normal Size     Small Size show me how

TSA terms pt 2

General Terms

TermDefinition
Risk Management Framework a template and guideline used by companies to identify, eliminate and minimize risks
Threat a malicious act intended to steal or damage data or disrupt the digital wellbeing and stability of an enterprise
Risk the loss of confidentiality, integrity, or availability of information, data, or information (or control) systems
Vulnerablility a weakness in an IT system that can be exploited by an attacker to deliver a successful attack
Mitigation describes the tools, processes, and strategies companies use to reduce the severity of or seriousness of a potential data breach or other cyber attack
Attacker a person pr group of persons who commit any kind of malicious activity that attempts to collect, disrupt, deny, degrade, or destroy information system resources or the information itself.
Residual Risk remains after your organization has implemented all the security controls, policies, and procedures you believe are appropriate to take
Insider Threat using authorized access, wittingly or unwittingly, to do harm to the Department's mission, resources, personnel, facilities, information, equipment, networks, or systems
Information System an integrated set of components for collecting, storing, and processing data and for providing information, knowledge, and digital products
Vulnreability Management the ongoing, regular process of identifying, assessing, reporting on, managing and remediating cyber vulnerabilities across endpoints, workloads, and systems
Patch Management the process of identifying and deploying software updates, or “patches,” to a variety of endpoints, including computers, mobile devices, and servers
Least Privilege he principle that a security architecture should be designed so that each entity is granted the minimum system resources and authorizations that the entity needs to perform its function.
Separation of Duties refers to the principle that no user should be given enough privileges to misuse the system on their own
Approval/Authority to Operate (ATO) a formal declaration by a Designated Approving Authority (DAA) that authorizes operation of a Business Product and explicitly accepts the risk to agency operations.
Payload the component of the attack which causes harm to the victim
Identity Theft a malicious actor that illegally acquires personal information (date of birth, social security number, credit card details etc.) and uses it for identity fraud (cloning credit cards, applying for loans, extorting the victim etc.)
Personally Identifiable Information (PII) Any representation of information that permits the identity of an individual to whom the information applies to be reasonably inferred by either direct or indirect means
Payment Card Industry organizations that process all types of payment cards, including credit cards, debit cards, ATM cards, and pre-paid cards
HIIPPA (Health Information Portablity and Accountability Act federal law that required the creation of national standards to protect sensitive patient health information from being disclosed without the patient's consent or knowledge
Red Team A group of people authorized and organized to emulate a potential adversary's attack or exploitation capabilities against an enterprise's security posture
Blue Team The group responsible for defending an enterprise's use of information systems by maintaining its security posture against a group of mock attackers
Hacker a person who uses computers to gain unauthorized access to data
Black Hat a person who hacks into a computer network with malicious or criminal intent
White Hat a person who hacks into a computer network in order to test or evaluate its security systems
Grey Hat someone who exploits a security vulnerability in order to spread public awareness that the vulnerability exists
Hacktivist a person who gains unauthorized access to computer files or networks in order to further social or political ends
Script Kiddie a person who uses existing computer scripts or code to hack into computers, lacking the expertise to write their own
Malicious Actor groups/individuals who, with malicious intent, aim to exploit weaknesses in an information system or exploit its operators to gain unauthorized access to or otherwise affect victims’ data, devices, systems, and network
Advance Persistent Threat (APT) An adversary with sophisticated levels of expertise and significant resources, allowing it through the use of multiple different attack vectors
User
Privilege User
Created by: user-1647349
Popular Computers sets

 

 



Voices

Use these flashcards to help memorize information. Look at the large card and try to recall what is on the other side. Then click the card to flip it. If you knew the answer, click the green Know box. Otherwise, click the red Don't know box.

When you've placed seven or more cards in the Don't know box, click "retry" to try those cards again.

If you've accidentally put the card in the wrong box, just click on the card to take it out of the box.

You can also use your keyboard to move the cards as follows:

If you are logged in to your account, this website will remember which cards you know and don't know so that they are in the same box the next time you log in.

When you need a break, try one of the other activities listed below the flashcards like Matching, Snowman, or Hungry Bug. Although it may feel like you're playing a game, your brain is still making more connections with the information to help you out.

To see how well you know the information, try the Quiz or Test activity.

Pass complete!
"Know" box contains:
Time elapsed:
Retries:
restart all cards