Security Principles and Risk Management

These flashcards are designed to help reinforce key concepts and terminology from the lecture on Security Principles and Risk Management.

What does the CIA Triad stand for?

Confidentiality, Integrity, Availability

What is the objective of the Risk Management Process?

To identify, assess, and control risk.

What is the definition of Vulnerability in cybersecurity?

A gap or weakness in protection efforts that could cause a risk event to occur.

What is Non-repudiation?

The protection against an individual falsely denying having performed a particular action.

What is meant by 'Risk Appetite'?

The level of risk an entity is willing to assume to achieve a desired result.

What are the three common methods of authentication?

Something you KNOW, Something you HAVE, Something you ARE.

What is the purpose of security controls?

To protect the confidentiality, integrity, and availability of information systems.

What are the types of authentication?

Single-factor Authentication and Multi-factor Authentication.

Which document typically sets the strategic direction of an organization?

Policy.

What term describes a security control that helps prevent unauthorized access?

Physical control.

What is the primary goal of the (ISC)2 Code of Ethics?

To ensure safety and welfare of society and adhere to high ethical standards.