DEFINITIONS Flashcards
Software Development Security
uses secure coding practices, which are set of recommended guidelines that are used to create secure applications and services
security architecture and engineering
optimizes data security by ensuring effective tools, systems and processes are in
security and risk management
defines security goals and objectives, risk mitigation, compliance, business continuity and the law
security operations
conducting investigations and implementing preventative measures
security assessment and testing
conducting security control testing, collecting and analyzing data, and conducting security audits to monitor for risks, threats and vulnerabilities
identitity and access management
keeps data secure, by ensuring users follow established polices to control and manage physical assets
communication and network security
manage and secure physical networks and wireless communications
Threat Actor
Any person or group that presents a security risk
Social media phishing
A threat actor collects detailed information about their target from social media sites. Then, initiates an attack
Social engineering
is a manipulation technique that exploits human error to gain access to sensitive, private and valuable information
Physical social engineering
A threat actor impersonates a employer, customer or vendor to gain unauthorized access to a physical location
Spear phishing
a malicious email attach that targets a specific user or group of users. The email seems to originate from a trusted source
Malware
Software designed to harm devices and networks
Virus
a malware program that modifies other computer programs by inserting its own code to damage and/or destroy data
Phishing
the us of digital communication to trick a user or a group of users into revealing sensitive data or deploying a malicious software