Risk Management and Disaster Recovery Lecture (lec 13)

These flashcards cover key concepts and terms related to risk management, disaster recovery, and cybersecurity based on the lecture notes.

Risk Management

The process of identifying, assessing, and controlling threats to an organization's capital and earnings.

Disaster Recovery Plan (DRP)

A documented process for recovering and protecting a business IT infrastructure in the event of a disaster.

Chief Information Security Officer (CISO)

An executive responsible for the security of information and data across an organization.

Cybersecurity Risk Assessment

The process of identifying, evaluating, and taking steps to minimize risk to digital assets.

Information Security Policies

Formalized rules and procedures for protecting an organization’s IT assets.

Firewalls

Network security devices that monitor incoming and outgoing network traffic based on predetermined security rules.

Intrusion Detection System (IDS)

A device or software application that monitors a network for malicious activities or policy violations.

Cryptography

The practice of secure communication in the presence of third parties.

Security Awareness Training

Educational programs that inform employees about cyber threats to reduce risks.

Business Continuity Planning (BCP)

A strategy to ensure critical business functions continue during a disaster.

Digital Forensics

The process of collecting, preserving, analyzing, and presenting electronic evidence.

Security in Layers

A strategy of applying multiple security measures to protect sensitive information.

Data Integrity

Ensuring the accuracy and consistency of data over its entire lifecycle.

Vulnerability Identification

The process of discovering weaknesses that could be exploited by attackers.

Social Engineering

Manipulative tactics used to trick individuals into divulging confidential information.