Risk Assessment and Management

Description and Tags

A collection of vocabulary flashcards focusing on key terms and concepts related to Risk Assessment and Incident Response in Cybersecurity.


19 Terms

1

Risk Assessment

The process of identifying and evaluating risks in order to mitigate their effects.

2

Incident Response

A strategy for addressing security breaches or cyberattacks on an organization.

3

Threat Modeling

A structured approach to identifying and prioritizing potential security threats.

4

PASTA

Process for Attack Simulation and Threat Analysis, a method that links business objectives to technical threats.

5

ATASM

Architecture, Threats, Attack Surfaces, Mitigations; a high-level framework for threat modeling.

6

STRIDE

A threat modeling framework that categorizes threats into Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege.

7

DREAD

A risk rating system used to prioritize threats based on Damage potential, Reproducibility, Exploitability, Affected users, and Discoverability.

8

Event

An observable occurrence in a network or system.

9

Adverse Event

An event that has a negative consequence, potentially caused by various factors.

10

Incident

A violation or imminent threat of violation of computer security policies.

11

Risk

The measure of the likelihood of a threat exploiting a vulnerability with potential harmful effects.

12

Assets

Resources that need to be protected, including tangible and intangible elements of an organization.

13

Vulnerability

Exploitable flaws or weaknesses in IT systems or processes that can be targeted by threats.

14

Threat

A potential for violation of security that exists when a circumstance or event could cause harm.

15

Mitigation

Actions taken to reduce or eliminate risks associated with threats and vulnerabilities.

16

What are the typical phases of an Incident Response Lifecycle?

1. Preparation
2. Detection and Analysis
3. Containment, Eradication, and Recovery
4. Post-Incident Activity (Lessons Learned)

17

Threat Actor

An individual, group, or entity that is responsible for a security incident or has the potential to cause harm to an organization's assets.

18

Security Control

A safeguard or countermeasure to avoid, detect, counteract, or minimize security risks to physical property, information, computer systems, or other assets.

19

Exploit

A piece of software, data, or sequence of commands that takes advantage of a bug or vulnerability in order to cause unintended or unanticipated behavior to occur on computer software, hardware, or something else usually computer-controlled.