Control Types(Ch 1 - CISSP)
Quiz yourself by thinking what should be in
each of the black spaces below before clicking
on it to display the answer.
Help!
|
|
||||
|---|---|---|---|---|---|
| Administrative Control | referred to as "soft controls" examples are: security documentation, risk management, personal security, training
🗑
|
||||
| Technical Control | referred to as "logical controls" examples are: software or hardware components, firewalls, IDS, IPS,encryption etc
🗑
|
||||
| Physical Control | put in place to protect facility, personnel or resources examples: Security Guards, Locks, Fencing, Lighting
🗑
|
||||
| Control Countermeasure | Control put into place to mitigate a potential risk
🗑
|
||||
| Exposure | An instance of being exposed to losses
🗑
|
||||
| Risk | The likelihood of a threat source exploiting a vulnerability and the corresponding business impact
🗑
|
||||
| Threat Agent | An entity that takes advantage of a vulnerability
🗑
|
||||
| Threat | Any potential danger that is associated with the exploitation of a vulnerability
🗑
|
||||
| Vulnerability | A weakness: a lack of a safegard
🗑
|
||||
| Exploit | Instance of compromise
🗑
|
||||
| Controls | Protective mechanisms to secure vulnerablilities
🗑
|
||||
| Secondary Risks | Risk event that comes as a result of another risk response
🗑
|
||||
| Residual Risk | The amount of risk left over after a risk response
🗑
|
||||
| Fallback Plan | "Plan B"
🗑
|
||||
| Workaround | Unplanned Response (for unidentified risk or when other responses don't work.)
🗑
|
||||
| Attack Tree | The branches that are created by each decision point of an attack .
🗑
|
||||
| Risk Assessment | A method of identifying vulnerabilities and threats and assessing the possible impacts to determine where to implement security controls.
🗑
|
||||
| Due Care | An organization took all reasonable measures to prevent security breaches and also took steps to mitigate damages caused by successful breaches.
🗑
|
||||
| Due Diligence | An organization investigated all vulnerabilities. This includes performing audits and assessments to ensure that the organization is protected.
🗑
|
Review the information in the table. When you are ready to quiz yourself you can hide individual columns or the entire table. Then you can click on the empty cells to reveal the answer. Try to recall what will be displayed before clicking the empty cell.
To hide a column, click on the column name.
To hide the entire table, click on the "Hide All" button.
You may also shuffle the rows of the table by clicking on the "Shuffle" button.
Or sort by any of the columns using the down arrow next to any column heading.
If you know all the data on any row, you can temporarily remove it by tapping the trash can to the right of the row.
To hide a column, click on the column name.
To hide the entire table, click on the "Hide All" button.
You may also shuffle the rows of the table by clicking on the "Shuffle" button.
Or sort by any of the columns using the down arrow next to any column heading.
If you know all the data on any row, you can temporarily remove it by tapping the trash can to the right of the row.
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.
Normal Size Small Size show me how
Normal Size Small Size show me how
Created by:
Dks0512
Popular Computers sets