Term
|
Definition
| Formal written policies that describe proper and unacceptable behavior when using computer and network systems. For example, an acceptable use policy may set rules on what type of Web site browsing is permitted or if personal e-mails over the Internet are allowed. |
|
|
Term
|
Definition
| An agent is a piece of code that sits on the distributed device. As in the case of the virus scan, the agent software periodically reports back to the central management tool. (pg. 337) |
|
|
Term
|
Definition
| An agent-less central management tool has the ability and authority to reach out and connect to distributed devices. Unlike the malware example where the agent software pulls the updates onto the device, the agent-less software is centrally housed and pushes the changes to the device. (pg. 338) |
|
|
Term
|
Definition
| The act of recording relevant security events that occur on a computing or network device (server, workstation, firewall, etc.). Can also refer to a review of business and financial processes and files by an auditor. |
|
|
Term
|
Definition
| The process of granting permission to some people to access systems, applications, and data. |
|
|
Term
| Automatic declassification |
|
Definition
| Automatically removing a classification after a certain period of time, such as 25 years. |
|
|
Term
|
Definition
| Technical documents describing security controls for a specific technology. |
|
|
Term
|
Definition
| A leading technique, methodology, or technology that through experience has proved to be very reliable. Best practices tend to produce consistent and quality results. |
|
|
Term
|
Definition
| In terms of information security, refers to adding information security as a distinct layer of control. Bolt-on security is the opposite of integrated security, in which information security controls are an integral part of the process design and not a separate distinct layer. |
|
|
Term
|
Definition
| A plan on how to continue business after a disaster. A BCP includes a disaster recovery plan (DRP) as a component. |
|
|
Term
| Business recovery plan (BRP) |
|
Definition
| Plan to sustain essential business operations for the duration of the disaster. |
|
|
Term
| Business continuity representative |
|
Definition
| An individual who understands the organization's capability to restore the system, application, network, or data. This individual also has access to call lists to contact anyone in the organization during off hours. |
|
|
Term
|
Definition
| A legal term referring to how evidence is documented and protected. Evidence must be documented and protected from the time it's obtained to the time it's presented in court. |
|
|
Term
|
Definition
| Relates to the impact on the business for failing to comply with legal obligations. |
|
|
Term
| Continuity of operations plan |
|
Definition
| A plan that provides the detailed procedures and processes needed to coordinate operations during a disaster. |
|
|
Term
| Continuity of support plan/IT contingency plan |
|
Definition
| Plan to recover major systems and applications. |
|
|
Term
| Control objectives for information and related technology (COBIT) |
|
Definition
| A widely accepted framework that brings together business and control requirements with technical issues. |
|
|
Term
|
Definition
| Policy documents describing core security control requirements. |
|
|
Term
|
Definition
| Assets that are essential for the society and economy to function. |
|
|
Term
|
Definition
| Implements policies and procedures such as backup, versioning, uploading, downloading, and database administration. |
|
|
Term
|
Definition
| Level of protection based on data type. |
|
|
Term
|
Definition
| Unauthorized sharing of sensitive company information, whether intentional or accidental. |
|
|
Term
| Data security administrator |
|
Definition
| Grants access rights and assesses information security threats to organization. |
|
|
Term
|
Definition
| Owner of data and approver of access rights; responsible for data quality. |
|
|
Term
|
Definition
| The process of changing the status of classified data to unclassified data. |
|
|
Term
|
Definition
| A plan to recover an organization's IT assets during a disaster, including software, data, and hardware. |
|
|
Term
|
Definition
| A legal term that refers to the effort made to avoid harm to another party. It essentially refers to the care that a person would reasonably be expected to exercise under particular circumstances. |
|
|
Term
| Enterprise risk management (ERM) |
|
Definition
| A framework that aligns strategic goals, operations effectiveness, reporting, and compliance objectives; not technology specific. |
|
|
Term
|
Definition
| Events that could potentially impact the business when it fails to provide adequate liquidity to meet its obligations. |
|
|
Term
|
Definition
| The highest-ranking lawyer in an organization, who usually reports to the president or chief executive officer. He or she is asked to give legal opinions on various organizational issues, to participate in contract negotiations, and to act as a liaison with outside law firms retained by the organization. |
|
|
Term
| Governance, risk management and compliance |
|
Definition
| A set of tools that bring together the capabilities to systematically manage risk and policy compliance. |
|
|
Term
|
Definition
| The parameters within which a policy, standard, or procedure is recommended when possible but remains optional. |
|
|
Term
| Highly sensitive classification |
|
Definition
| A classification level used to protect highly regulated data or strategic information. |
|
|
Term
| Human resources representative |
|
Definition
| An individual who is an expert on HR policies and disciplinary proceedings or employee counseling. |
|
|
Term
|
Definition
| An event that violates an organization's security policies. |
|
|
Term
|
Definition
| If you have an incident, a weakness in your security has been exploited. By classifying the incident, you can better understand the threat and the weakness. (pg. 298) |
|
|
Term
|
Definition
| A specialized group of people whose purpose is to respond to major incidents. |
|
|
Term
| Information security representative |
|
Definition
| In the context of an IRT team, an information security representative provides risk management and analytical skills. A representative may also have specialized forensic skills for collecting and analyzing evidence. |
|
|
Term
| Information technology subject matter experts |
|
Definition
| An individual who has intimate knowledge of the systems and configurations of an organization. This individual is typically a developer, system administrator, or network administrator. He or she has the needed technical skills to make critical recommendations on how to stop an attack. |
|
|
Term
|
Definition
| An employee, consultant, contractor, or vendor. The insider may even be the IT technical people who designed the system, application, or security that is being hacked. The insider knows the organization and the applications. |
|
|
Term
|
Definition
| A classification level for data that would cause disruption to daily operations and some financial loss to the business if leaked. |
|
|
Term
| International organization for standardization |
|
Definition
| An organization that creates widely accepted international standards on information security and IT risks. |
|
|
Term
| Intrusion detection system |
|
Definition
| A series of software agents, appliances, and servers that monitor for network activity that is deemed a threat, alert administrators, and log the information. IDSs operate by matching signatures of known possible network attack traffic or by building over time a baseline of normal behavior and then alerting on traffic that is anomalous to that normal pattern of behavior. |
|
|
Term
|
Definition
| Any rules prescribed under the authority of a government entity. Establishes legal thresholds. |
|
|
Term
| Layered security approach |
|
Definition
| Having two or more layers of independent controls to reduce risk. |
|
|
Term
|
Definition
| An individual who has an understanding of laws and regulatory compliance. |
|
|
Term
|
Definition
| A separate platform used to collect logs from other platforms throughout the network. |
|
|
Term
|
Definition
| An attack using viruses, worms, Trojan horses, and scripts. Such an attack is launched to gain access to systems, applications, and data. |
|
|
Term
| Mandatory declassification |
|
Definition
| A process of reviewing specific records when requested and declassifying them if warranted. |
|
|
Term
|
Definition
| An event that disrupts the daily activities of an organization. |
|
|
Term
|
Definition
| When a hacker outlines a story in which the employee is asked to reveal information that weakens the security. |
|
|
Term
| Privileged-level access agreement |
|
Definition
| Designed to heighten the awareness and accountability of those users with administrator rights. |
|
|
Term
|
Definition
| Processes to implement control and baseline standards. |
|
|
Term
|
Definition
| A classification level for data that has no negative impact on the business if released to the public. |
|
|
Term
| Public relations representative |
|
Definition
| In the context of an IRT team, it is an individual who can advise on how to communicate to the public and customers that might be impacted by the incident. This person is valuable in ensuring that accurate information gets out and damaging misconceptions are prevented. |
|
|
Term
|
Definition
| Established rules of what an organization has to do to meet legal requirements. |
|
|
Term
|
Definition
| Understanding risks and determining how much potential risk and related problems the business is willing to accept. |
|
|
Term
|
Definition
| A domain in the ISACA Risk IT framework that calls for analyzing risk and determining impact on the business. |
|
|
Term
|
Definition
| A domain in the ISACA Risk IT framework that ensures that risk management activity aligns with the business goals, objectives, and tolerances. |
|
|
Term
|
Definition
| A domain in the ISACA Risk IT framework that specifies the ability to react so that risks are reduced and remedied in a cost-effective manner. |
|
|
Term
| Security awareness policy |
|
Definition
| Training about security policies, threats, and handling of digital assets. |
|
|
Term
|
Definition
| A classification level for data that would mean significant financial loss if leaked. |
|
|
Term
|
Definition
| The underlying principle is that no individual should be able to execute a high-risk transaction or conceal errors or fraud in the normal course of their duties. |
|
|
Term
|
Definition
| Manipulating or tricking a person into weakening the security of an organization. |
|
|
Term
|
Definition
| An event that may change how the entire organization operates. |
|
|
Term
|
Definition
| An individual who has extensive knowledge in a particular field. |
|
|
Term
| Systematic declassification |
|
Definition
| A process of reviewing records exempted from automatic declassification and then removing the data from classification. |
|
|
Term
|
Definition
| An IT individual who provides administrative support to the systems and databases. |
|
|