Part 3 Flashcards Preview

Information Security Fundamentals > Part 3 > Flashcards

Flashcards in Part 3 Deck (18)
Loading flashcards...
0

Evaluate the ____

Risks and Threats

1

TEN STEPS TO BUILDING A SECURE ORGANIZATION

Having identified some of the challenges to building a secure organization, let’s now look at 10 ways to successfully build a secure organization.
The following steps will put a business in a robust
____

security posture.

2

Another approach is to begin by evaluating the ____.

threats posed to your organization and your data

3

Threats Based on the Infrastructure Model

The first place to start is to ____ based on an organization’s infrastructure model.

identify risks

4

What ____ is in place that is necessary to support the operational needs of the business?

infrastructure

5

A small business that operates out of one office has ___ as opposed to an organization that operates out of numerous facilities, includes a mobile workforce utilizing a variety of handheld devices, and offers products or services through a Web-based interface.

reduced risks

6

An organization that has a large number of telecommuters must take steps to protect its ____ that could potentially reside on personally owned computers outside company control.

proprietary information

7

An organization that has widely dispersed and disparate systems will have more ____ than a centrally located one that utilizes uniform systems.

risk potential

8

Threats Based on ____

Are there any specific threats for your particular business?

the Business Itself

9

Threats Based on ____

Businesses belonging to particular industries are targeted more frequently and with more dedication than those in other industries.

Industry

10

Financial institutions and online retail- ers are targeted because ____

“that’s where the money is.”

11

Pharmaceutical manufacturers could be targeted to steal ____, but they also could be targeted by special interest groups, such as those that do not believe in testing drugs on live animals.

intellectual property

12

Global Threats

Businesses are often so narrowly focused on their local sphere of influence that they forget that by having a network connected to the Internet, they are now ____

connected to the rest of the world.

13

If a piece of malware identified on the other side of the globe targets the ____ used in your organization, you can be sure that you will eventually be impacted by this malware.

identical software

14

Once threats and risks are identified, you can take one of four steps:

Ignore the risk. This is never an acceptable response. This is simply burying your head in the sand and hoping the problem will go away—the business equivalent of _____

not wearing a helmet when riding a motorcycle.

15

_____ When the cost to remove the risk is greater than the risk itself, an organization will often decide to simply _____ This is a viable option as long as the organization has spent the time required to evaluate the risk.

Accept the risk.

16

____ Organizations with limited staff or other resources could decide to ____. One method of ______ is to purchase specialized insurance targeted at a specific risk.

Transfer the risk.

17

_____. Most organizations ______by applying the appropriate resources to minimize the risks posed to their network.

Mitigate the risk