IS372-Chapter1

0.0(0)
studied byStudied by 2 people
0.0(0)
full-widthCall Kai
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
GameKnowt Play
Card Sorting

1/23

encourage image

There's no tags or description

Looks like no tags are added yet.

Study Analytics
Name
Mastery
Learn
Test
Matching
Spaced

No study sessions yet.

24 Terms

1
New cards

What is Risk as defined in the textbook

The likelihood or probability that something unexpected is going to occur

2
New cards

What is Risk Management as defined in the textbook

The practice of identifying, assessing, controlling or mitigating risks

3
New cards

What is a threat as defined in the book

Any activity that represents a possible danger

4
New cards

What is a Vulnerability as defined in the book

A weakness 

5
New cards

What is an asset as defined in the book

Anything of value worth protecting

6
New cards

What are business functions

Activities a business performs to sell products or services

7
New cards

What are the 3 parts of the CIA triangle

Confidentiality, Integrity, Availability

8
New cards

What is confidentiality in reference to the CIA triangle

Preventing unauthorized disclosure of information

9
New cards

What is Integrity in reference to the CIA triangle

Ensuring any data or an IT system is not modified

10
New cards

What is Availability in reference to the CIA triangle

Ensuring data and services are available when needed

11
New cards

What is the term for when someone takes advantage of a vulnerability

Exploit

12
New cards

Assets can have both ____ and ____ value

tangible, intangible

13
New cards

Tangible is ____ objects while intangible is _____

physical, online/ not physical

14
New cards

______ are often the weakest link when it comes to security threats

Personnel

15
New cards

What is the difference between a intentional and accidental threat 

Intentional would be a malicious employee, wheras accidental could be a faulty application or natural disaster

16
New cards

What is the formula for value of an Asset

Risk = Threat x Vulnerability x Asset value

17
New cards

What’s the difference between Preventative and Detective controls

Preventative are meant to stop someone from entering wheras detective are meant to alert when someone gets in

18
New cards

What are risk management controls

Controls or actions put into place to reduce a weakness or potential loss

19
New cards

A loss of client confidence or public trust is an example of a loss of ____

Goodwill

20
New cards

A ___ is used to reduce a vulnerability

control

21
New cards

What are 3 things that can be done to manage a risk

Accept it, Transfer it, Avoid it

22
New cards

A company decided to reduce the losses of a risk by purchasing insurance which is known as risk ______

transfer

23
New cards

What is residual risk

The remaining risk after controls have been put in place

24
New cards

What is the primary reason to avoid risk 

The impact of the risk outweighs the benefit the asset