Name the 3 tenets of the CIA Triad
What are Confidentiality, Integrity, and Availability?
This is the highest level of classification for the government.
What is Top Secret?
This is the process of identifying, analyzing, and responding to potential threats that could impact an organization's assets.
What is Risk Management?
GDPR, revised in 2016, stands for this
What is the (EU) General Data Protection Regulation?
These are the two kinds of cryptosystems
What are Symmetric and Asymmetric?
This principle of the CIA Triad ensures that authorized users can access data when needed.
What is Availability?
This process assigns a security label to data based on its sensitivity and impact level.
What is Data Classification?
This type of risk response involves taking no action and accepting the potential impact.
What is Risk Acceptance?
PCI stands for this
What is the Payment Card Industry (Data Security Standard)?
This security measure ensures that only authorized personnel can enter a restricted area using badges, biometrics, or PIN codes.
What is Access Control?
This CIA Triad principle ensures data remains accurate and unaltered.
What is Integrity?
This principle ensures that users only have access to the data necessary for their job role.
What is the Principle of Least Privilege?
This risk management strategy involves transferring the impact of a risk to a third party, such as through insurance.
What is Risk Transfer?
GLBA of 1999 stands for this
What is the Gramm-Leach-Bliley Act?
This security measure prevents unauthorized physical access to critical infrastructure, such as data centers and server rooms.
What is Physical Security?
This type of attack violates the confidentiality principle by exposing sensitive information to unauthorized users.
What is a Data Breach?
This type of data classification is commonly used in the private sector to protect proprietary business information.
What is Confidential?
Identifies resources that are critical to our company and its ongoing viability.
What is Business Impact Assessment (BIA)?
FISMA stands for this
What is the Federal Information Security Management Act?
Solve (ROT1): GDZKSG
What is HEALTH?
This type of cyberattack targets the availability principle by overwhelming a system or network with excessive traffic
What is a Denial-of-Service (DoS) or Distributed Denial-of-Service (DDoS) attack?
When an asset no longer warrants or needs its current classification.
What is declassification?
Denying that a risk exists and hoping that it'll never be realized.
What is Risk Rejection?
HIPAA stands for this.
What is the Health Insurance Portability and Accountability Act?
This data protection method ensures that stored data remains unreadable without proper decryption keys.
What is Encryption?