IT Governance Basic
RS-232 interface
An interface between data terminal equipment and data communications equipment employing serial binary data interchange.
RSA
A public key cryptosystem developed by R. Rivest, A. Shamir and L. Adleman, used for both encryption and digital signatures. RSA uses two different keys: the public encryption key and the secret decryption key. The strength of RSA depends on the difficulty of prime number factorization. For applications with high-level security, the number of the decryption key bits should be greater than 512 bits.
Rulebase
The list of rules and/or guidance that is used to analyze event data.
Run instructions
Computer operating instructions that detail the step-by-step processes that are to occur so an application system can be properly executed; they also identify how to address problems that occur during processing.
Run-to-run totals
Provide evidence that a program processes all input data and that it processed the data correctly.
Resource
Any enterprise asset that can help the organization achieve its objectives (COBIT 5 perspective)
Resource optimization
One of the governance objectives. Involves effective, efficient and responsible use of all resources—human, financial, equipment, facilities, etc. (COBIT 5 perspective)
Ransomware
Malware that restricts access to the compromised systems until a ransom demand is satisfied
Recovery
The phase in the incident response plan that ensures that affected systems or services are restored to a condition specified in the service delivery objectives (SDOs) or business continuity plan (BCP)
Registered ports
Ports 1024 through 49151: listed by the IANA and, on most systems, can be used by ordinary user processes or programs executed by ordinary users
Regulation
Rules or laws defined and enforced by an authority to regulate conduct
Regulatory requirements
Rules or laws that regulate conduct and that the enterprise must obey to become compliant
Relevant information
Relating to controls, tells the evaluator something meaningful about the operation of the underlying controls or control component. Information that directly confirms the operation of controls is most relevant. Information that relates indirectly to the operation of controls can also be relevant, but is less relevant than direct information. Refer to COBIT 5 information quality goals
Reliable information
Information that is accurate, verifiable and from an objective source. Refer to COBIT 5 information quality goals
Remediation
After vulnerabilities are identified and assessed, appropriate remediation can take place to mitigate or eliminate the vulnerability
Removable media
Any type of storage device that can be removed from the system while it is running
Replay
The ability to copy a message or stream of messages between two parties and replay (retransmit) them to one or more of the parties
Representation
A signed or oral statement issued by management to professionals, where management declares that a current or future fact (e.g., process, system, procedure, policy) is or will be in a certain state, to the best of management’s knowledge.
Return-oriented attacks
An exploit technique in which the attacker uses control of the call stack to indirectly execute cherry-picked machine instructions immediately prior to the return instruction in subroutines within the existing program code
Risk acceptance
If the risk is within the enterprise's risk tolerance or if the cost of otherwise mitigating the risk is higher than the potential loss, the enterprise can assume the risk and absorb any losses