Shared Flashcard Set

Details

CompTIA Sec+ 5.3
Risk management processes and concepts
19
Computer Science
Professional
12/01/2018

Cards

Term
Threat assessment
Definition
- Environmental
- Manmade
- Internal vs. external
Term
Environmental
Definition
- Tornado, earthquake, severe weather
Term
Man-made Internal
Definition
- Disgruntled employees
Term
Man-made External
Definition
- Hackers
- Outside organizations
Term
Risk assessment
Definition
- SLE
- ALE
- ARO
- Asset value
- Risk register
- Likelihood of occurrence
- Supply chain assessment
- Impact
- Quantitative
- Qualitative
- Testing
- Risk response techniques
Term
Single Loss Expectancy (SLE)
Definition
If this single event occurs (loss or destruction), what is the cost of recovery or replacement?
Term
Annual Loss Expectancy (ALE)
Definition
- How many events might happen in an entire year
- Multiply the cost of a single event by the number of events
Term
Annualized Rate of Occurrence (ARO)
Definition
- Likelihood that something will occur
- Example: how often in a single year might you be hit by a hurricane
Term
Asset value
Definition
The cost for replacing an asset
Term
Risk register
Definition
- List of risks to an organization or project phase
- Also lists mitigations to risk
Term
Likelihood of occurrence
Definition
- A quantitative analysis of the threats that you may be faced with
- Chances that a threat will affect you
Term
Supply chain assessment
Definition
- Determining where obtaining needed services or goods from suppliers is inefficient
Term
Impact
Definition
- Assessment of what losing critical systems or essential functions will cost the business
- Lost revenue, reputation, market share
Term
Quantitative
Definition
- Analysis of cost of items
- Analysis of numbers of items
- Things that can be measured and counted
Term
Qualitative
Definition
- To be able to determine where the risk may be
- Identify different risk factors and then identify categories of risks associated with those
Term
Testing
Definition
- Penetration testing authorization
- Vulnerability testing authorization
Term
Risk response techniques
Definition
- Accept
- Transfer
- Avoid
- Mitigate
Term
Change management
Definition
- One of the most common ways to minimize risk in an organization
- Identifies and controls any type of change
Term
3-2-1 Backup Rule
Definition
Keep at least three (3) copies of your data, and store two (2) backup copies on different storage media, with one (1) of them located offsite.