CRISC - Certified in Risk and Information Systems Control term definition - Part 32

Last updated 12:34 AM on 11/13/22

20 Terms

1
Intrusion prevention
A preemptive approach to network security used to identify potential threats and respond to them to stop, or at least limit, damage or disruption
2
Intrusion prevention system (IPS)
A system designed to not only detect attacks, but also to prevent the intended victim hosts from being affected by the attacks
3
Investigation
The collection and analysis of evidence with the goal of identifying the perpetrator of an attack or unauthorized use or access
4
IP address
A unique binary number used to identify devices on a TCP/IP network
5
IP Authentication Header (AH)
Protocol used to provide connectionless integrity and data origin authentication for IP datagrams (hereafter referred to as just "integrity") and to provide protection against replays (RFC 4302).
6
Irregularity
Violation of an established management policy or regulatory requirement. It may consist of deliberate misstatements or omission of information concerning the area under audit or the enterprise as a whole, gross negligence or unintentional illegal acts.
7
Job control language (JCL)
Used to control run routines in connection with performing tasks on a computer.
8
Journal entry
A debit or credit to a general ledger account, in Oracle. See also Manual Journal Entry.
9
Judgment sampling
Any sample that is selected subjectively or in such a manner that the sample selection process is not random or the sampling results are not evaluated mathematically.
10
Key goal indicator (KGI)
A measure that tells management, after the fact, whether an IT process has achieved its business requirements; usually expressed in terms of information criteria.
11
Key management practice
Management practices that are required to successfully execute business processes.
12
Key performance indicator (KPI)
A measure that determines how well the process is performing in enabling the goal to be reached.
13
Key risk indicator (KRI)
A subset of risk indicators that are highly relevant and possess a high probability of predicting or indicating important risk.
14
Knowledge portal
Refers to the repository of a core of information and knowledge for the extended enterprise. Generally a web-based implementation containing a core repository of information provided for the extended enterprise to resolve any issues
15
Kernel mode
Used for execution of privileged instructions for the internal operation of the system. In kernel mode, there are no protections from errors or malicious activity and all parts of the system and memory are accessible.
16
Key length
The size of the encryption key measured in bits
17
Keylogger
Software used to record all keystrokes on a computer
18
Latency
The time it takes a system and network delay to respond.
19
Leadership
The ability and process to translate vision into desired behaviors that are followed at all levels of the extended enterprise.
20
Leased line
A communication line permanently assigned to connect two points, as opposed to a dial-up line that is only available and open when a connection is made by dialing the target machine or network. Also known as a dedicated line.