IAS102 Flashcards
(42 cards)
INCLUDES HIGHLY SPECIALIZED REVIEW AND EVALUATION OF INCOMING CYBERSECURITY INFORMATION TO DETERMINE IF IT IS USEFUL FOR INTELLIGENCE.
ANALYZE
THIS GROUP OF CRIMINALS BREAKS INTO COMPUTERS OR NETWORKS TO GAIN ACCESS FOR VARIOUS REASONS.
HACKERS
TEENAGERS OR HOBBYISTS MOSTLY LIMITED TO PRANKS AND VANDALISM, HAVE LITTLE OR NO SKILL, OFTEN USING EXISTING TOOLS OR INSTRUCTIONS FOUND ON THE INTERNET TO LAUNCH ATTACKS.
SCRIPT KIDDIES
INVOLVES IDENTIFYING, ASSESSING AND CONTROLLING RISKS TO AN ORGANIZATION'S CAPITAL, EARNINGS, AND CRITICAL ASSETS
SECURITY AND RISK MANAGEMENT
REFERS TO PROTECTING INFORMATION FROM UNAUTHORIZED ACCESS
CONFIDENTIALITY
ALIGN SECURITY EFFORTS WITH THE OVERALL BUSINESS STRATEGY.
STRATEGY
ENSURE COMPLIANCE WITH RELEVANT REGULATIONS, STANDARDS AND POLICIES
CONFORMANCE
A SELF-CONTAINED PROGRAM THAT REPLICATES ITSELF AND SPREADS ITS COPIES TO OTHER COMPUTERS.
WORM
TYPE OF CYBER ATTACK THAT USES EMAIL, SMS, PHONE, SOCIAL MEDIA, AND SOCIAL ENGINEERING TECHNIQUES TO ENTICE A VICTIM TO SHARE SENSITIVE INFORMATION, SUCH AS PASSWORDS OR ACCOUNT NUMBERS.
PHISHING
A TECHNIQUE THROUGH WHICH A CYBER CRIMINAL DISGUISES THEMSELVES AS A KNOWN OR TRUSTED SOURCE
SPOOFING
POSSESS THE INSIGHT TO RECOGNIZE THE INFLUENCE OF DATA AND HARNESS THAT POWER TO BUILD GREAT ORGANIZATIONS, PROVIDE SERVICES AND PROTECT PEOPLE FROM CYBER ATTACKS.
CYBERSECURITY SPECIALISTS
GREY HAT HACKERS WHO ATTEMPT TO DISCOVER EXPLOITS AND REPORT THEM TO VENDORS, SOMETIMES FOR PRIZES OR REWARDS.
VULNERABILITY BROKERS
DEPENDING ON A PERSON’S PERSPECTIVE, THESE ARE EITHER WHITE HAT OR BLACK HAT HACKERS WHO STEAL GOVERNMENT SECRETS, GATHER INTELLIGENCE, AND SABOTAGE NETWORKS.
STATE SPONSORED HACKERS
ATTACKERS BREAK INTO NETWORKS OR COMPUTER SYSTEMS TO DISCOVER WEAKNESSES IN ORDER TO IMPROVE THE SECURITY OF THESE SYSTEMS
WHITE HAT ATTACKERS
THE RESULT OF DATA SETS THAT ARE LARGE AND COMPLEX, MAKING TRADITIONAL DATA PROCESSING APPLICATIONS INADEQUATE
IMPACT OF BIG DATA
MEANS DATA ARE TRUSTWORTHY, COMPLETE AND HAVE NOT BEEN ACCIDENTALLY ALTERED OR MODIFIED BY AN UNAUTHORIZED USER.
INTEGRITY
MEANS DATA ARE ACCESSIBLE WHEN YOU NEED THEM
AVAILABILITY
CATEGORIES OF CYBERSECURITY WORK
1) OPERATE AND MAINTAIN
2) PROTECT AND DEFEND
3) INVESTIGATE
4) COLLECT AND OPERATE
5) ANALYZE
6) OVERSIGHT AND DEVELOPMENT
7) SECURELY PROVISION
SECURITY GOVERNANCE KEY PRINCIPLES
1) RESPONSIBILITY
2) STRATEGY
3) ACQUISITION
4) PERFORMANCE
5) CONFORMANCE
6) HUMAN BEHAVIOR
A PROCESS USED IN INFORMATION SECURITY TO CATEGORIZE DATA BASED ON ITS LEVEL OF SENSITIVITY AND IMPORTANCE
INFORMATION CLASSIFICATION
INVOLVES RESPONSIBILITY FOR THE MAINTENANCE, OPERATIONS, AND SECURITY OF A SPECIFIC IT SYSTEM.
SYSTEM OWNERSHIP
WHEN DATA OWNERSHIP IS CLEARLY ASSIGNED, THE DESIGNATED OWNER TAKES RESPONSIBILITY FOR MAINTAINING DATA ACCURACY, COMPLETENESS AND CONSISTENCY.
DATA QUALITY AND INTEGRITY
IT MANDATES STRICT CONSENT REQUIREMENTS AND GIVES INDIVIDUALS THE RIGHT TO ACCESS AND DELETE THEIR DATA
GENERAL DATA PROTECTION REGULATION (GDPR)
COMPANIES MAY USE PERSONAL DATA FOR PURPOSES BEYOND WHAT USERS CONSENTED TO, SUCH AS TARGETED ADVERTISING OR SELLING DATA TO THIRD PARTIES.
DATA MISUSE