31 Cards in this Set
- Front
- Back
This person reports directly to the Chief Information Officer and is responsible for assessing, managing, and implementing security.
|
Chief Information Security Officer
|
|
This person reports to the CISO and supervises technicians, administrators, and security staff. Typically this person works on tasks identified by the CISO and resolves issues identified by technicians. This position requires an understanding of configuration and operation but not necessarily technical mastery.
|
Security Manager
|
|
This person has both technical knowledge and managerial skills. Manages daily operations of security technology, and may analyze and design security solutions within a specific entity as well as identify user needs.
|
Security Administrator
|
|
This position is generally an entry-level position for a person who has the necessary technical skills. This person provides technical support to configure security hardware, implement security software, and diagnose and troubleshoot problems.
|
Security Technician
|
|
A specific and fail-safe solution that very quickly and easily solves a serious problem.
|
Silver Bullet
|
|
List 10 things that cause difficulties in defending against attacks.
|
1. Universally connected devices 2. Increased speed of attacks 3. Greater sophistication of attacks 4. Availability and simplicity of attack tools 5. Faster detection of vulnerabilities 6. Delays in security updating 7. Weak security update distribution 8. Distributed attacks 9. Introduction of BYOD 10. User confusion |
|
Universally connected devices
|
Attackers from anywhere in the world can send an attack.
|
|
Increased speed of attacks
|
Attackers can launch attacks against millions of computers within minutes.
|
|
Greater sophistication of attacks
|
Attack tools vary their behavior so the same attack appears differently each time.
|
|
Availability and simplicity of attack tools
|
Attacks are no longer limited to highly skilled attackers.
|
|
Faster detection of vulnerabilities
|
Attackers can discover security holes in hardware or software more quickly.
|
|
Delays in security updating
|
Vendors are overwhelmed trying to keep pace updating their products against the latest attacks.
|
|
Weak security update distribution
|
Many software products lack the means to distribute security updates in a timely fashion.
|
|
Distributed Attacks
|
Attackers use thousands of computers in an attack against a single computer or network.
|
|
Introduction of BYOD (Bring Your Own Device)
|
Organizations are having difficulty providing security for a wide array of personal devices.
|
|
User Confusion
|
Users are required to make difficult security decisions with little or no instruction.
|
|
Security - General Definition
|
To take the necessary steps to protect a person or property from harm.
|
|
The more "secure" something is the less _______ it will likely be.
|
Convenient
|
|
What is Information Security frequently described as?
|
Described as securing information that is in a digital format.
|
|
3 Protections that must be extended over information
|
1. Confidentiality 2. Integrity 3. Availability |
|
What is "AAA"?
|
1. Authentication 2. Authorization 3. Accounting |
|
Ensures that the individual is who she claims to be (the authentic or genuine person) and not an imposter. |
Authentication
|
|
Providing permission or approval to specific technology resources.
|
Authorization
|
|
Provides tracking of events. This may include a record of who accessed the web server, from what location, and at what specific time.
|
Accounting
|
|
Information security is achieved through a process that is a combination of three entities. Name them.
|
Products, people, and policies and procedures.
|
|
Comprehensive definition of information security?
|
Defined as that which protects the integrity, confidentiality, and availability of information on the devices that store, manipulate, and transmit the information through products, people, and procedures.
|
|
Data that has been collected, classified, organized, and stored in various forms |
Information
|
|
Software that supports the business processes of the organization
|
Customized business software
|
|
Software that provides the foundation for application software
|
System Software
|
|
Computer equipment, communications equipment, storage media, furniture, and fixtures are all? |
Physical Items
|
|
Services
|
Outsourced computing services
|