Frameworks and Controls

Question 1

What is a security lifecycle?

Answer 1

A security lifecycle is a constantly evolving set of polies and standards.

Question 2

What Does CIA stand for

Answer 2

CIA is an abbreviation for Confidentiality, Integrity and Availability.

Question 3

What is CIA used for?

Answer 3

CIA is a standard that helps inform how organizations consider risk when setting up systems and security policies.

Question 4

What are security controls?

Answer 4

The are safeguards that are designed to mitigate specific security risks.

Question 5

What are security frameworks?

Answer 5

They are guidelines to build plans to help mitigate threats to data and privacy.

Question 6

NIST

Answer 6

National institute of Standards and Technology

Question 7

What does the NIST do?

Answer 7

Develops multiple voluntary complience frameworks that organizations around the world can use to help manage risk.

Question 8

Two examples of NIST frameworks

Answer 8

Cyber Security Framework (CSF) and Risk Management Framework (RMF)

Question 9

PII

Answer 9

Personally Identifiable Information

Question 10

SPII

Answer 10

Sensitive Personally Identifiable Information

Question 11

Examples of PII

Answer 11

Name, Surname, Email, Phone Number

Question 12

Examples of SPII

Answer 12

ID Number, Credit Card Information, Health Information

Question 13

SIEM

Answer 13

Security Information and Event Management