Shared Flashcard Set

Details

Security+ SY0-501 1 Managing Risk
20
Other
Not Applicable
08/07/2018


Cards

Term
acceptable use policy/rules
Definition
Agreed-upon principles set forth by a company to govern how the employees of that company may use resources such as computers and Internet access.
Term
annual loss expectancy (ALE)
Definition
This is a monetary measure of how much loss you could expect in a year.
Term
single loss expectancy (SLE)
Definition
This loss can be a critical failure, or it can be the result of an attack. It is a monetary value, and it represents how much you could expect to lose at any one time. SLE can be divided into two components:
AV (asset value): the value of the item
EF (exposure factor): the percentage of it threatened
Term
annualized rate of occurrence (ARO)
Definition
A calculation of how often a threat will occur. For example, for a threat that occurs once every five years, the ARO is 1/5, or 0.2.
Term
Formula for ALE
Definition
SLE * ARO = ALE
Term
asset value (AV)
Definition
The value of an item (server, property, and so on) associated with cash flow.
Term
business impact analysis (BIA)
Definition
A study of the possible impact if a disruption to a business’s vital resources were to occur.
Term
business partners agreement (BPA)
Definition
An agreement between partners in a business that outlines their responsibilities, obligations, and sharing of profits and losses.
Term
exposure factor (EF)
Definition
The potential percentage of loss to an asset if a threat is realized.
Term
interconnection security agreement (ISA)
Definition
As defined by NIST (in Publication 800-47), it is “an agreement established between the organizations that own and operate connected IT systems to document the technical requirements of the interconnection. The ISA also supports a Memorandum of Understanding or Agreement (MOU/A) between the organizations.”
Term
maximum tolerable downtime (MTD)
Definition
The maximum period of time that a business process can be down before the survival of the organization is at risk.
Term
mean time between failures (MTBF)
Definition
The measurement of the anticipated lifetime of a system or component.
Term
mean time to failure (MTTF)
Definition
The measurement of the average of how long it takes a system or component to fail.
Term
mean time to restore (MTTR)
Definition
The measurement of how long it takes to repair a system or component once a failure occurs.
Term
privacy impact assessment (PIA)
Definition
Often associated with a business impact analysis, it identifies the adverse impacts that can be associated with the destruction, corruption, or loss of accountability of data for the organization.
Term
privacy threshold assessment (PTA)
Definition
This is the compliance tool used in conjunction with the PIA, more commonly known as an “analysis.”
Term
memorandum of understanding (MOU)/memorandum of agreement (MOA)
Definition
Most commonly known as an MOU rather than MOA, this is a document between two or more parties defining their respective responsibilities in accomplishing a particular goal or mission, such as securing a system.
Term
recovery point objective (RPO)
Definition
The point of last known good data prior to an outage that is used to recover systems.
Term
recovery time objective (RTO)
Definition
The maximum amount of time that a process or service is allowed to be down with the consequences still considered acceptable.
Term
Redundant Array of Independent Disks (RAID)
Definition
A configuration of multiple hard disks used to provide fault tolerance should a disk fail.