Chapters 1-3
Chapters 4-6
Chapters 7-9
Chapters 10-12
Bonus!
100

C.I.A. stands for

confidentiality, integrity, and availability

100

these are more detailed than policies and describe the steps that must be taken to conform with the policies

standards 

100

the release of ambient static electricity into a ground.

electrostatic discharge

100

A method of regulating the modification of systems within the
organization by requiring formal review and approval for each change.

change control

100

A significant revision of a version from its previous state.

major release

200

name the emerging accelerated development models that merge development and operational skills

DevOps OR DevSecOps OR SecDevOps... Something ops for sure... 

200

Specifications of authorization that govern the rights and privileges of users to a particular information asset.

access control list

200

an electromechanical device that automatically releases the lock protecting a control point if a power outage occurs. This type of lock is used for fire
safety locations.

fail-safe lock

200

A specific point in the project plan when a task that has a noticeable impact on
the plan’s progress is complete.

milestone

200

The processes of removing or repairing flaws in information assets that
cause a vulnerability or removing the risk associated with the vulnerability.

remediation

300

this word means any events or circumstances that have the potential to adversely affect operations and assets 

threats

300

a combination of hardware and software that filters or prevents specific information from moving between the outside network and the inside network.

firewall

300

a small room or enclosure with separate entry and exit points, designed to restrain a person who fails an access authorization attempt

mantrap

300

A list of the tasks to be accomplished in the project,
the skill sets or individual employees needed to perform the tasks, the start and end dates
for tasks, the estimated resources required, and the dependencies among tasks.

work breakdown structure

300

The use of mobile scanning techniques to identify open wireless access
points.

war driving

400

these are formally adopted rules for acceptable behavior in modern society 

laws

400

A private, secure network operated over a public and insecure network

VPN

400

a space between the ceiling in one level of a commercial building and the
floor of the level above.

plenum

400

Sworn testimony that certain facts are in the possession of an investigating
officer and that they warrant the examination of specific items located at a specific place.

affidavit

400

A type of rehearsal that seeks to realistically simulate the circumstances
needed to thoroughly test a plan.

war game

500

As part of an effort to encourage ethical behavior, many professional organizations have established these

codes of conduct or codes of ethics 

500

A strategy to gain assurance that the users of a network do not send high value information or other critical information outside the network

DLP

500

the process of gaining unauthorized entry into a facility by closely
following another person through an entrance and using the credentials of the
authorized person to bypass a control point.

tailgating

500

Investigations that involve the preservation, identification, extraction,
documentation, and interpretation of computer media for evidentiary and root cause
analysis.

digital forensics

500

Permission to search for evidentiary material at a specified location
and/or to seize items to return to an investigator’s lab for examination.

search warrant
