Stack #4615279
| Question | Answer |
|---|---|
| ISP | Information Security Program |
| Process (ISP) | Government Framework Disaster Recovery Policies Risk and Asset Management |
| People | Professional Skills; Infosec Culture; Training and Awareness; Access Management |
| Technology | Encryption; System Design; Detection and Monitoring |
| CIO (Chief Information Officer) | Advises senior management on strategic planning that affects the management of information in the firm |
| CISO (Chief Information Security Officer) | In charge of management and implementation of infosec in the firm. |
| Data Owners | Senior management that control the use of a specific set of information and their security |
| Data Custodians | In charge of a specific set of data and the systems that use, store and transmit it. |
| Data Trustee | Usually appointed by senior management to be in charge and oversee the use of that specific set of data |
| Data User | A customer that has access to the data |
| Access | One’s ability to manipulate, modify or affect another form of data. |
| Asset | The organizational information resources that are being protected |
| Attack | Intentional/unintentional act that can compromise information and the systems that support it |
| Control, safeguard or countermeasure | Security policies, mechanisms and procedures that help fight off threats, protect against risks and resolve vulnerabilities and improve security |
| Exploit | Technique used to compromise a system |
| Exposure | State of being exposed |
| Loss | Information asset suffering damage or destruction / unauthorized use / denial of use |
| Protection profile or security posture | Controls put into place to protect the asset |
| Risk | Probability of unwanted occurrence |
| Threat Agent | The instance or component of a threat |
| Threat Source | People, objects or entities that can harm an asset |
| Vulnerability | Weakness or faults in a system that expose information to attack or damage |
| Accuracy | Free from mistake or error and in line with the user’s expectation of value. |
| Authenticity | The quantity / state of being genuine or original. |
| Authentic information | Information that was originally created, transferred or stored. |
| Utility | The state of having value for some purpose (not just available to the user but in a format that is meaningful and serves a particular purpose) |
| Possession | Owning or controlling an object / subject. If someone obtains information, it does not mean someone has breached confidentiality. |