Chapter 11: Cybersecurity Maintenance Key Terms

0.0(0)
studied byStudied by 0 people
0.0(0)
full-widthCall Kai
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
GameKnowt Play
Card Sorting

1/14

encourage image

There's no tags or description

Looks like no tags are added yet.

Study Analytics
Name
Mastery
Learn
Test
Matching
Spaced

No study sessions yet.

15 Terms

1
New cards

configuration and change management (CCM)

The approach that uses policies, procedures, techniques, and tools to manage and evaluate proposed changes, track changes through completion, and maintain system inventories and documentation.

2
New cards

configuration management (CM)

An approach to implementing system changes using policies, procedures, techniques, and tools to evaluate proposed changes, track completion, and maintain inventories and documentation.

3
New cards

auditing

The review of a system’s use to determine whether misuse or malfeasance has occurred.

4
New cards

external monitoring domain

The maintenance model component focused on evaluating external threats to an organization’s information assets.

5
New cards

internal monitoring domain

The maintenance model component focused on identifying, assessing, and managing the configuration and status of an organization’s information assets.

6
New cards

difference analysis

A procedure that compares the current state of a network segment to a previous baseline to identify changes.

7
New cards

planning and risk assessment domain

The maintenance model component focused on identifying and planning cybersecurity activities and managing risks introduced through IT and cybersecurity projects.

8
New cards

vulnerability assessment and remediation domain

The maintenance model component focused on documenting vulnerabilities and remediating them in a timely manner.

9
New cards

vulnerability assessment

The process of identifying and documenting provable flaws in an organization’s information asset environment.

10
New cards

penetration testing

The investigation, assessment, and evaluation of a system by authorized individuals emulating an attack.

11
New cards

pen testing

The investigation, assessment, and evaluation of a system by authorized individuals emulating an attack.

12
New cards

Internet vulnerability assessment

An assessment designed to find and document vulnerabilities present in an organization’s public network.

13
New cards

intranet vulnerability assessment

An assessment designed to find and document selected vulnerabilities present on an organization’s internal network.

14
New cards

platform security validation (PSV)

An assessment approach used to find and document vulnerabilities caused by misconfigured systems inside an organization.

15
New cards

wireless vulnerability assessment

An assessment approach designed to find and document vulnerabilities present in an organization’s wireless local area networks.