Term
| acceptable use policy (AUP) |
|
Definition
| A policy that defines the actions users may perform while accessing systems and networking equipment. |
|
|
Term
|
Definition
| An instructional approach for teaching adults |
|
|
Term
|
Definition
A policy that defines how changes will be managed and
documented |
|
|
Term
| classification of information policy |
|
Definition
A policy to produce a standardized framework for
classifying information assets |
|
|
Term
|
Definition
An e-mail message containing a false warning to the recipient of a malicious
entity circulating through the internet. |
|
|
Term
| disposal and destruction policy |
|
Definition
A policy that addresses the disposal of resources that are
considered confidential |
|
|
Term
|
Definition
The obligations that are imposed on owners and operators of assets to exercise
reasonable care of the assets and take necessary precautions to protect them . |
|
|
Term
|
Definition
| An investigation that will examine all material facts. |
|
|
Term
|
Definition
The principle of treating a1l accused persons in an equal fashion, using established
rules and principles |
|
|
Term
|
Definition
Digging through trash receptacles to find computer manuals, printouts,
or password lists that have been throw n away |
|
|
Term
|
Definition
A policy intended to be a central guide and reference for employees in
support of day-to-day decision making. |
|
|
Term
|
Definition
Phishing that involves phishers setting up their own search engines to
direct traffic to illegitimate sites. |
|
|
Term
|
Definition
| A collection of suggestions that should be implemented |
|
|
Term
| password management and complexity policy |
|
Definition
A policy that addresses how passwords
are created and managed. |
|
|
Term
|
Definition
| An instructional approach for teaching children. |
|
|
Term
| personally identifiable information (PII) policy |
|
Definition
A policy that outlines how the organization
uses personal information it collects |
|
|
Term
|
Definition
| Phishing that automatically redirects the user to a fake site. |
|
|
Term
|
Definition
An attack that sends an e-mail or displaying a Web announcement that falsely claims to be from a legitimate enterprise in an attempt to trick the user into surrendering
private information. |
|
|
Term
|
Definition
| A document that outlines specific requirements or rules that must be met. |
|
|
Term
|
Definition
The systematic and structured approach to managing the potential
for loss that is related to a threat. |
|
|
Term
|
Definition
A written document that states how an organization plans to protect the
company's information technology assets. |
|
|
Term
| security-related human resource policy |
|
Definition
Policy that addresses security as it relates to
human resources. |
|
|
Term
| Service Level Agreement (SLA) |
|
Definition
| A service contract between a vendor and a client. |
|
|
Term
| service Level agreement (SLA) policy |
|
Definition
| A policy that governs the conditions to be contained in the SLA |
|
|
Term
|
Definition
| Watching an individual enter a security code or password on a keypad. |
|
|
Term
|
Definition
An attack that relies on tricking and deception to provide secure
information. |
|
|
Term
|
Definition
| Phishing that targets only specific users. |
|
|
Term
|
Definition
A collection of requirements specific to the system or procedure that must be
met by everyone. |
|
|
