CIA
Confidentiality, Integrity, Availability
AUP
Acceptable Use Policy - Rules or guidelines for the proper use of technology or digital devices within an organization.
Business Continuity Plan
A plan for how an organization will recover and restore partially or completely interrupted critical function(s) within a predetermined time after a disaster or extended disruption
Incident Response Roles
• Incident response team
- Specialized group, trained and tested
• IT security management
- Corporate support
• Compliance officers
- Intricate knowledge of compliance rules
• Technical staff
- Your team in the trenches
• User community
- They see everything
NIST SP800-61
National Institute of Standards and Technology Computer Security Incident Handling Guide. Defines the incident response lifecycle an organization follows when an incident arises: preparation; detection and analysis; containment, eradication, and recovery; and post-incident activity.
SDLC
Software Development Life Cycle. A structured process for planning, building, testing, and maintaining software. Many models exist, e.g. Agile vs. waterfall.
Change Management
Process of making sure changes are made smoothly and efficiently and do not negatively affect systems reliability, security, confidentiality, integrity, and availability.
AD
Active Directory, a directory service developed by Microsoft for managing user accounts, computer objects, groups, and other resources on a network
Playbooks
A set of procedures detailing the steps to take when an event has been detected.
SOAR Platform
Security Orchestration, Automation and Response. SOAR platforms extend SIEM capabilities: they collect the inputs monitored by the security operations team and let the organization define incident analysis and response procedures as digital workflows, so that routine triage and response steps can be automated.
Boards
A panel of specialists that sets tasks or requirements for the committee
Committee
Subject-matter experts that consider the input from a board, determines the next steps for a topic at hand, and presents the results to the board
SOX
Sarbanes-Oxley Act. A U.S. law requiring publicly traded companies and their independent auditors to demonstrate that their financial figures are accurate and that processes are in place to ensure accurate reporting. An example of a regulation governing how business is conducted; the IT controls protecting financial systems fall within its scope.
HIPAA
Health Insurance Portability and Accountability Act. Extensive healthcare standards for the storage, use, and transmission of health care information.
Data Controller
An organization that has the authority to decide how and why personal information is to be processed. The controller is responsible for compliance with data protection laws and a data controller determines the purposes and means of processing personal data
Data Processor
An individual or organization, often a third-party outsourcing service, that processes data on behalf of the data controller.
Data Roles
- Owner
- Steward/Custodian
- Privacy Officer
Ad Hoc assessment
An organization may not have a formal risk assessment process
- Perform an assessment when the situation requires
CEO is back from a conference
- Wants to know if the organization is protected from a new type of attack
A committee is created and risk assessment proceeds
- Once assessment is completed, the committee is disbanded
- There may not be a need to investigate this specific risk again
Qualitative Risk Assessment
A risk assessment that uses judgment rather than monetary figures to categorize risks (e.g. low/medium/high). It is based on the impact and likelihood of occurrence.
ARO
Annualized Rate of Occurrence, the expected number of times a given loss event will happen in one year. It can be less than 1 (e.g. 0.1 for an event expected once a decade).
AV
Asset Value, value of the asset to the organization
EF
Exposure Factor, the percentage of an asset's value that would be lost if a threat is realized.
SLE
Single Loss Expectancy, the monetary value lost if a single event occurs. SLE = Asset Value (AV) x Exposure Factor (EF).
Risk Appetite
The degree of uncertainty an entity is willing to take on, in anticipation of a reward.
ALE
Annualized Loss Expectancy, the expected monetary loss from a risk over one year.
ALE = ARO x SLE
Risk Tolerance
The degree, amount, or volume of risk that an organization or individual will withstand in practice, i.e. the acceptable deviation from the risk appetite. Risk tolerance is slightly higher than risk appetite.
Risk Register
A document in which the results of risk analysis and risk response planning are recorded.
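The quantitative terms above (AV, EF, ARO, SLE, ALE) only become useful when applied across a whole risk register, where the risk with the largest single loss is often not the one with the largest annual loss. The following is an added worked example, not part of the original notes; the three register entries and their figures are constructed sample data, and the helper names are my own.

```python
"""Quantitative risk register: SLE = AV x EF, ALE = SLE x ARO.

Added example with constructed sample data; the asset values, exposure
factors and rates of occurrence below are illustrative, not real figures.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Risk:
    name: str
    asset_value: float      # AV: value of the asset in currency units
    exposure_factor: float  # EF: fraction of AV lost per event, 0.0 to 1.0
    aro: float              # ARO: expected events per year, may be below 1

    def __post_init__(self) -> None:
        # EF is a fraction, not a percentage: 0.3 means 30%. Passing 30 here
        # would inflate SLE thirtyfold, so reject anything outside 0..1.
        if self.asset_value < 0:
            raise ValueError(f"{self.name}: asset value must be non-negative")
        if not 0.0 <= self.exposure_factor <= 1.0:
            raise ValueError(f"{self.name}: EF must be a fraction in [0, 1]")
        if self.aro < 0:
            raise ValueError(f"{self.name}: ARO must be non-negative")

    @property
    def sle(self) -> float:
        """Single Loss Expectancy: AV x EF."""
        return self.asset_value * self.exposure_factor

    @property
    def ale(self) -> float:
        """Annualized Loss Expectancy: SLE x ARO."""
        return self.sle * self.aro


# Constructed register entries (hypothetical figures).
SAMPLE_REGISTER = [
    # A server worth 200k loses half its value per incident, once every 4 years.
    Risk("Ransomware on file server", asset_value=200_000, exposure_factor=0.5, aro=0.25),
    # Laptops are a total loss when stolen; about six go missing per year.
    Risk("Laptop theft", asset_value=2_000, exposure_factor=1.0, aro=6),
    # Rare flood: huge single loss, but expected only once in 20 years.
    Risk("Datacenter flood", asset_value=1_000_000, exposure_factor=0.3, aro=0.05),
]


def rank_by_ale(register: list[Risk]) -> list[Risk]:
    """Order register entries by annualized loss, highest first."""
    return sorted(register, key=lambda r: r.ale, reverse=True)


def total_ale(register: list[Risk]) -> float:
    """Expected annual loss across the whole register."""
    return sum(r.ale for r in register)


def exceeds_threshold(register: list[Risk], annual_threshold: float) -> list[str]:
    """Names of risks whose ALE exceeds a currency threshold.

    The threshold is an assumed monetary expression of risk tolerance.
    """
    return [r.name for r in register if r.ale > annual_threshold]


if __name__ == "__main__":
    print(f"{'Risk':<28}{'SLE':>12}{'ARO':>8}{'ALE':>12}")
    for r in rank_by_ale(SAMPLE_REGISTER):
        print(f"{r.name:<28}{r.sle:>12,.0f}{r.aro:>8.2f}{r.ale:>12,.0f}")
    print(f"Total ALE: {total_ale(SAMPLE_REGISTER):,.0f}")
```

Running it shows the point of annualizing: the flood has by far the largest SLE (300,000) yet ranks behind ransomware on ALE (15,000 vs. 25,000), because ALE weights each loss by how often it is expected. The EF check matters in practice, since registers filled in from spreadsheets often mix percentages and fractions.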
RTO
Recovery Time Objective. The maximum amount of time it may take to restore a system to service after an outage. It is related to the RPO, and the BIA often includes both RTOs and RPOs.
RPO
Recovery Point Objective. The maximum amount of data loss, measured as a span of time, that the organization can tolerate; it defines the point in time to which data must be recoverable and therefore how frequently backups or replication must run. It is related to the RTO, and the BIA often includes both RTOs and RPOs.
MTTR
Mean Time to Repair. The average time it takes to recover a failed system.
MTBF
Mean time between failures. A metric that provides a measure of a system's reliability and is usually represented in hours. The MTBF identifies the average time between failures.
SLA
Service level agreement. An agreement between a company and a vendor that stipulates performance expectations, such as minimum uptime and maximum downtime levels.
MOU
Memorandum of Understanding. A non-binding document in which both parties, e.g. a company and a vendor, agree in general terms to its contents. It usually states common goals and intentions but little else.
MOA
(Memorandum of Agreement) Legal document forming the basis for two parties to cooperate without a formal contract (a cooperative agreement). MOAs are often used by public bodies.
MSA
Master Service Agreement. An overarching contract that sets the general legal and commercial terms between a company and a vendor (payment terms, liability, confidentiality, dispute resolution) so that individual pieces of work can be agreed later in shorter documents, such as statements of work or work orders, without renegotiating the basics each time.
WO
Work Order. A document authorizing a specific, bounded task or service, often issued under an MSA, that states what is to be done, by when, and at what cost.
SOW
A statement of work is a document routinely employed in the field of project management. It is the narrative description of a project's work requirement. It defines project-specific activities, deliverables and timelines for a vendor providing services to the client.
BPA
Business partners agreement. A written agreement that details the relationship between business partners, including their obligations toward the partnership.