CISM (Certified Information Security Manager) - Vocabulary 2022

Acceptable interruption window: Max time a system can be unavailable before compromising business objectives.

Acceptable use policy: Policy agreement between users and the organization. Defines approved range of use for access to a network or the Internet.

Access controls: The processes, rules and deployment mechanisms that control access to information systems, resources and physical access to premises.

Access path: Logical route an end user takes to access computerized information. Typically includes a route through the OS, telecommunications software, applications, and access controls.

Access rights: Permission or privileges granted to users, programs or workstations to create, change, delete or view data and files within a system, as defined by rules established by data owners and the information security policy.

Accountability: The ability to map a given activity or event back to the responsible party.

Action plan: A plan of the steps necessary to achieve objectives.

Ad hoc: Arbitrary approach, no formal plan or process.

Administrative controls: Rules, procedures and practices that deal with operational effectiveness, efficiency and adherence to regulations and management policies.

Adware: Any software package that automatically plays, displays or downloads advertising material to a computer after the software is installed on it or while the application is being used. In most cases, this is done without any notification to the user or without the user's consent. This software may or may not contain spyware.

Advanced Encryption Standard (AES): The international encryption standard that replaced 3DES.

Algorithm: A finite set of step-by-step instructions for a problem-solving or computation procedure, especially one that can be implemented by a computer.

Anomaly-Based Detection: The process of comparing definitions of what activity is considered normal against observed events to identify significant deviations. This approach is used on some intrusion detection systems.

Annual Loss Expectation (ALE): The total expected loss divided by the number of years in the forecast period, yielding the average annual loss.

Alert situation: The point in an emergency procedure when the elapsed time passes a threshold and the interruption is not resolved. The organization entering into an alert situation initiates a series of escalation steps.

Alternate facilities: Locations and infrastructures from which emergency or backup processes are executed, when the main premises are unavailable or destroyed. This includes other buildings, offices or data processing centers.

Alternate process: Automatic or manual processes designed and established to continue critical business processes from point-of-failure to return-to-normal.

Anonymous File Transfer Protocol (AFTP)*: A method of downloading public files using the File Transfer Protocol (FTP). AFTP does not require users to identify themselves before accessing files from a particular server. In general, users enter the word "anonymous" when the host prompts for a username. Anything can be entered for the password, such as the user's e-mail address or simply the word "guest."

Antivirus software: An application software deployed at multiple points in an IT architecture. It is designed to detect and potentially eliminate virus code before damage is done, and repair or quarantine files that have already been infected.

Application Programming Interface (API): An application programming interface (API) is a source code-based specification intended to be used as an interface by software components to communicate with each other.

Application controls: The policies, procedures and activities designed to provide reasonable assurance that objectives relevant to a given automated solution (application) are achieved.

Application layers: In the Open Systems Interconnection (OSI) communications model, the application layer provides services for an application program to ensure that effective communication with another application program in a network is possible. The application layer is not the application that is doing the communication; it is a service layer that provides these services.

Application service provider (ASP): Also known as managed service provider (MSP), it deploys, hosts and manages access to a packaged application to multiple parties from a centrally managed facility. The applications are delivered over networks on a subscription basis.

Architecture: Description of the fundamental underlying design of the components of the business system, or of one element of the business system (e.g., technology), the relationships among them, and the manner in which they support the organization's objectives.

Address Resolution Protocol (ARP): ARP defines the exchanges between network interfaces connected to an Ethernet media segment in order to map an IP address to a link layer address on demand.

Assurance: The grounds for confidence that the set of intended security controls in an information system are effective in their application.

Assurance Process Integration: Integration of organizational assurance processes to achieve greater efficiencies and counter typical silo effects.

Asymmetric encryption: A cryptographic key that may be widely published and is used to enable the operation of an asymmetric cryptography scheme. This key is mathematically linked with a corresponding private key. Typically, a public key can be used to encrypt, but not decrypt, or to validate a signature, but not to sign.

Attack Signature: A specific sequence of events indicative of an unauthorized access attempt. Typically a characteristic byte pattern used in malicious code or an indicator, or set of indicators, that allows the identification of malicious network activities.

Attributes: The fundamental characteristics of something.

Audit: Independent review and examination of records and activities to assess the adequacy of system controls, to ensure compliance with established policies and operational procedures, and to recommend necessary changes in controls, policies, or procedures.

Audit Review: The assessment of an information system to evaluate the adequacy of implemented security controls, assure that they are functioning properly, identify vulnerabilities, and assist in implementation of new security controls where required. This assessment is conducted annually or whenever significant change has occurred and may lead to recertification of the information system.

Audit trail: A series of records either in hard copy or in electronic format that provide a chronological record of user activity and other events that show the details of user and system activity. Audit trails can be used to document when users log in, how long they are engaged in various activities, what they were doing, and whether any actual or attempted security violations occurred.

Authentication: The act of verifying the identity of an entity (e.g., a user, a system, a network node).

Authorization: Access privileges granted to a user, program, or process or the act of granting those privileges.

Automated Clearing House (ACH): ACH is an electronic network for financial transactions in the United States. ACH processes large volumes of credit and debit transactions in batches. Credit transfers include direct deposit payroll and vendor payments, and ACH direct debit transfers include consumer payments on insurance premiums, mortgage loans, and other kinds of bills.

Availability: Information that is accessible when required by the business process now and in the future.

Awareness (Information Security): Activities which seek to focus an individual's attention on an (information security) issue or set of issues.

Backup center: An alternate facility to continue IT/IS operations when the primary DP center is unavailable.

Biometrics: To recognize the identity, or verify the claimed identity, of an applicant. Facial images, fingerprints, and iris scan samples are all examples of biometrics.

Business intelligence (BI)*: Refers to computer-based techniques used in identifying, extracting, and analyzing business data, such as sales revenue by products and/or departments, or by associated costs and incomes. BI technologies provide historical, current and predictive views of business operations. Common functions of business intelligence technologies are reporting, online analytical processing, analytics, data mining, process mining, complex event processing, business performance management, benchmarking, text mining and predictive analytics.

Business impact assessment (BIA): An analysis of an information system's requirements, functions, and interdependencies used to characterize system contingency requirements and priorities in the event of a significant disruption.

Baseline Security: The minimum security controls required for safeguarding an IT system based on its identified needs for confidentiality, integrity, and/or availability protection.

Bastion Host: A special-purpose computer on a network specifically designed and configured to withstand attacks.

Business continuity management (BCM): Planning that is focused on assuring continuous business processes and is a major factor in an organization's survival during and after a disruption. This is a key component of Comprehensive Emergency Management.

Business continuity planning (BCP): The documentation of a predetermined set of instructions or procedures that describe how an organization's mission/business functions will be sustained during and after a significant disruption.

Benchmarking: A systematic approach to comparing an organization's performance against peers and competitors in an effort to learn the best ways of conducting business. Examples include benchmarking of quality, logistical efficiency and various other metrics.

Biometric: A measurable physical characteristic or personal behavioral trait used to recognize the identity, or verify the claimed identity, of an applicant. Facial images, fingerprints, and iris scan samples are all examples.

Bit-stream image: Also referred to as mirror image backups, bit-stream images involve the backup of all areas of a computer hard disk drive or other type of storage media. Such backups exactly replicate all sectors on a given storage device including all files and ambient data storage areas.

Bit copy: Provides an exact image of the original and is a requirement for legally justifiable forensics.

Bit: The smallest unit of information storage; a contraction of the term "binary digit"; one of two symbols, "0" (zero) and "1" (one), that are used to represent binary numbers.

Blacklisting: The process of the system invalidating a user ID

Document information

Uploaded on: Jun 30, 2022
Number of pages: 45
Seller: CATE NATALIA
