What does the CIA Triad stand for in cybersecurity?
Confidentiality, Integrity, Availability.
What is the role of a CISO?
The Chief Information Security Officer oversees an organization's information security strategy and implementation.
What does a SOC do?
A Security Operations Center monitors, detects, and responds to cybersecurity incidents.
What is an insider threat?
A security risk originating from within the organization, such as employees or contractors.
What is an outsider threat?
A threat from external sources like hackers or competitors.
What are the three types of security controls?
Administrative, Technical, and Physical.
What is Defense in Depth?
A layered security approach that uses multiple controls to protect assets.
What is risk management in cybersecurity?
The process of identifying, assessing, and mitigating risks to information assets.
What is the principle of Least Privilege?
Users should have only the access necessary to perform their job functions.
What is Separation of Duties?
Dividing responsibilities among different individuals to reduce risk of fraud or error.
What does STRIDE stand for in threat modeling?
Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege.
Why is asset classification important?
It helps determine the level of protection needed for different types of data.
What is the difference between a policy, standard, and procedure?
A policy is a high-level statement of intent, a standard is a mandatory control, and a procedure is a detailed step-by-step guide.