ISC2 CERTIFIED IN CYBERSECURITY (CC)
Adequate Security - Answer- Security commensurate with the risk and the magnitude of harm resulting from the loss, misuse or unauthorized access to or modification of information. Source: OMB Circular A-130
Administrative Controls - Answer- Controls implemented through policy and procedures. Examples include access control processes and requiring multiple personnel to conduct a specific operation. Administrative controls in modern environments are often enforced in conjunction with physical and/or technical controls, such as an access-granting policy for new users that requires login and approval by the hiring manager.
Adverse Events - Answer- Events with a negative consequence, such as system crashes, network packet floods, unauthorized use of system privileges, defacement of a web page or execution of malicious code that destroys data.
Application Programming Interface (API) - Answer- A set of routines, standards, protocols, and tools for building software applications to access a web-based software application or web tool.
Application Server - Answer- A computer responsible for hosting applications to user workstations. NIST SP 800-82 Rev.2
Artificial Intelligence - Answer- The ability of computers and robots to simulate human intelligence and behavior.
Asset - Answer- Anything of value that is owned by an organization. Assets include both tangible items such as information systems and physical property and intangible assets such as intellectual property.
Asymmetric Encryption - Answer- An algorithm that uses one key to encrypt and a different key to decrypt the input plaintext.
Audit - Answer- Independent review and examination of records and activities to assess the adequacy of system controls, to ensure compliance with established policies and operational procedures. NIST SP 1800-15B
Authentication - Answer- Access control process validating that the identity being claimed by a user or entity is known to the system, by comparing one (single-factor or SFA) or more (multi-factor authentication or MFA) factors of identification.
Authorization - Answer- The right or a permission that is granted to a system entity to access a system resource. NIST 800-82 Rev.2
Availability - Answer- Ensuring timely and reliable access to and use of information by authorized users.
Baseline - Answer- A documented, lowest level of security configuration allowed by a standard or organization.
Biometric - Answer- Biological characteristics of an individual, such as a fingerprint, hand geometry, voice, or iris patterns.
Bit - Answer- The most essential representation of data (zero or one) at Layer 1 of the Open Systems Interconnection (OSI) model.
Bot - Answer- Malicious code that acts like a remotely controlled "robot" for an attacker, with other Trojan and worm capabilities.
Breach - Answer- The loss of control, compromise, unauthorized disclosure, unauthorized acquisition or any similar occurrence where: a person other than an authorized user accesses or potentially accesses personally identifiable information; or an authorized user accesses personally identifiable information for other than an authorized purpose. Source: NIST SP 800-53 Rev. 5
Broadcast - Answer- Broadcast transmission is a one-to-many (one-to-everyone) form of sending internet traffic.
Business Continuity (BC) - Answer- Actions, processes and tools for ensuring an organization can continue critical operations during a contingency.
Business Continuity Plan (BCP) - Answer- The documentation of a predetermined set of instructions or procedures that describe how an organization's mission/business processes will be sustained during and after a significant disruption.
Business Impact Analysis (BIA) - Answer- An analysis of an information system's requirements, functions, and interdependencies used to characterize system contingency requirements and priorities in the event of a significant disruption. NIST SP 800-34 Rev. 1
Byte - Answer- The byte is a unit of digital information that most commonly consists of eight bits.
Checksum - Answer- A digit representing the sum of the correct digits in a piece of stored or transmitted digital data, against which later comparisons can be made to detect errors in the data.
Ciphertext - Answer- The altered form of a plaintext message so it is unreadable for anyone except the intended recipients. In other words, it has been turned into a secret.
Classification - Answer- Classification identifies the degree of harm to the organization, its stakeholders or others that might result if an information asset is divulged to an