Computer Science > EXAM > CyberRookie CSX Fundamentals - Section 2: Cybersecurity Concepts (All)
Core duty of cybersecurity Correct Answer: to identify, mitigate and manage cyberrisk to an organization's digital assets Assessing risk Correct Answer: one of the most critical functions of a cy... bersecurity organization Dependent on understanding the risk and threats an organization faces Correct Answer: Effective policies, security implementations, resource allocation and incident response preparedness (3) three different approaches to implementing cybersecurity Correct Answer: Compliance-based, Risk-based, Ad hoc Compliance-based Correct Answer: Also known as standards-based security, this approach relies on regulations or standards to determine security implementations. Controls are implemented regardless of their applicability or necessity, which often leads to a "checklist" attitude toward security. Risk-based Correct Answer: relies on identifying the unique risk a particular organization faces and designing and implementing security controls to address that risk above and beyond the entity's risk tolerance and business needs. Ad hoc Correct Answer: implements security with no particular rationale or criteria. Driven by vendor marketing, or they may reflect insufficient subject matter expertise, knowledge or training when designing and implementing safeguards. Most organizations with mature security programs use a combination of these two (2) approaches. Correct Answer: risk-based and compliance-based Require risk assessments to drive the particular implementation of the required controls. Correct Answer: Payment Card Industry Data Security Standard (PCIDSS) or the US Health Insurance Portability and Accountability Act (HIPAA). Risk Correct Answer: The combination of the probability of an event and its consequence and mitigated through the use of controls or safeguards. Threat Correct Answer: Anything (e.g., object, substance, human) that is capable of acting against an asset in a manner that can result in harm. A potential cause of an unwanted incident. Threat source Correct Answer: as the actual process or agent attempting to cause harm Threat event Correct Answer: as the result or outcome of a threat agent's malicious activity. [Show More]
Last updated: 1 year ago
Preview 1 out of 10 pages
Connected school, study & course
About the document
Uploaded On
Nov 01, 2022
Number of pages
10
Written in
This document has been written for:
Uploaded
Nov 01, 2022
Downloads
0
Views
97
In Browsegrades, a student can earn by offering help to other student. Students can help other students with materials by upploading their notes and earn money.
We're available through e-mail, Twitter, Facebook, and live chat.
FAQ
Questions? Leave a message!
Copyright © Browsegrades · High quality services·