Security and Risk Management Overview

A set of flashcards covering key vocabulary related to the Security and Risk Management domain.

Professional Ethics

The principles that guide individuals to act with integrity, confidentiality, and accountability in cyber security.

CIA Triad

A model that stands for Confidentiality, Integrity, and Availability in information security.

Encryption

The process of encoding information to protect its confidentiality during transmission.

Risk Management

A systematic process for identifying, assessing, and mitigating risks to organizational assets.

Business Continuity Planning (BCP)

Strategies to maintain essential functions during disruptive events, ensuring resilience.

Acceptable Use Policy (AUP)

Policies outlining acceptable and unacceptable use of company resources.

Threat Modeling

A structured approach to identifying and mitigating potential security threats to systems.

Supply Chain Risk Management

Assessing and mitigating risks associated with acquiring products and services from suppliers.

Simulated Phishing Exercises

Training activities designed to raise employee awareness about phishing threats through real-world scenarios.

Legal and Regulatory Compliance

Adhering to laws and regulations to protect sensitive information and individual privacy.