Computer Science > QUESTIONS & ANSWERS > CyberRookie CSX Fundamentals - Section 2: Cybersecurity Concepts (All)
CyberRookie CSX Fundamentals - Section 2: Cybersecurity Concepts 1 / 9 1. Core duty of cybersecurity: to identify, mitigate and manage cyberrisk to an organization's digital assets 2. Assessing ri... sk: one of the most critical functions of a cybersecurity organization 3. Dependent on understanding the risk and threats an organization faces- : Effective policies, security implementations, resource allocation and incident response preparedness 4. (3) three different approaches to implementing cybersecurity: Compliance-based, Risk-based, Ad hoc 5. Compliance-based: Also known as standards-based security, this approach relies on regulations or standards to determine security implementations. Controls are implemented regardless of their applicability or necessity, which often leads to a "checklist" attitude toward security. 6. Risk-based: relies on identifying the unique risk a particular organization faces and designing and implementing security controls to address that risk above and beyond the entity's risk tolerance and business needs. 7. Ad hoc: implements security with no particular rationale or criteria. Driven by vendor marketing, or they may reflect insufficient subject matter expertise, knowledge or training when designing and implementing safeguards. 8. Most organizations with mature security programs use a combination of these two (2) approaches.: risk-based and compliance-based 9. Require risk assessments to drive the particular implementation of the required controls.: Payment Card Industry Data Security Standard (PCIDSS) or the US Health Insurance Portability and Accountability Act (HIPAA). 10. Risk: The combination of the probability of an event and its consequence and mitigated through the use of controls or safeguards. 11. Threat: Anything (e.g., object, substance, human) that is capable of acting against an asset in a manner that can result in harm. A potential cause of an unwanted incident. 12. Threat source: as the actual process or agent attempting to cause harm 13. Threat event: as the result or outcome of a threat agent's malicious activity. 14. Asset: Something of either tangible or intangible value that is worth protecting, including people, information, infrastructure, finances and reputation [Show More]
Last updated: 1 year ago
Preview 1 out of 9 pages
Buy this document to get the full access instantly
Instant Download Access after purchase
Add to cartInstant download
We Accept:
Connected school, study & course
About the document
Uploaded On
Nov 01, 2022
Number of pages
9
Written in
This document has been written for:
Uploaded
Nov 01, 2022
Downloads
0
Views
60
In Browsegrades, a student can earn by offering help to other student. Students can help other students with materials by upploading their notes and earn money.
We're available through e-mail, Twitter, Facebook, and live chat.
FAQ
Questions? Leave a message!
Copyright © Browsegrades · High quality services·