DFIN was spun off from our former parent company in this year?
2016
NIST stands for this:
What is the National Institute of Standards and Technology
This software development approach focuses on short cycles and iterative backlog management: I am not skinny.
What is Agile
This is a user within the org who may purposely exfiltrate data
This act takes steps to reduce the effects of risk for an organization
What is risk mitigation?
This product helps a company with their initial public offering.
Venue
The SOC (in SOC 2) stands for
What is System and Organizational Controls
This testing simulates the actions of a malicious actor trying to break into your application from the outside. Better cover your "ast"
What is dynamic application security testing (DAST)
This trust service principle refers to the protection of sensitive information from unauthorized access, disclosure or alteration.
What is confidentiality
These "things" minimize risks to assets of an organization. Ms. Jackson, if you're nasty, knows about these.
What are controls
Arc Suite consists of these four (4) products
What are "ArcPro, ArcReporting, ArcDigital and ArcRegulatory"
The five core functions of NIST CSF 1.1 are: Identify, Protect, Detect and these two "R's"
What are Respond and Recover
This worldwide non-profit organization focuses on creating awareness of vulnerabilities and improving software security. Don't get stung by this question.
Who is OWASP
Categorizing information based on sensitivity and importance is known as?
What is data classification
This matrix visually organizes risks into defined impact levels.
What is a risk heat map
This LOB provides solutions for large financial institutions
What is GIC?
NIST CSF 2.0 adds this 6th Core Function
What is Govern
This attack is one in which an attacker injects malicious executable scripts into the code of a trusted application or website.
What is Cross-site scripting (XSS)
This sophisticated cyberattack involves compromising a system and remaining undetected for an extended period of time
What is an advanced persistent threat (or APT)
What entity is ultimately responsible for Security in an organization?
Who is everyone?
On October 26, 2022, the SEC adopted rule and form amendments that require mutual funds and exchange-traded funds to prepare and transmit streamlined annual and semi-annual data resulting in these.
What is/are Tailored Shareholder Reports?
This 2002 law, which the U.S. Congress passed on Kelly's birthday, helps protect investors from fraudulent financial reporting by corporations, mandated strict reforms to existing securities regulations and imposed tough new penalties on lawbreakers.
What is Sarbanes-Oxley
This process helps identify and fix vulnerabilities in source code prior to deployment.
What is SAST or Static application security testing
This term is used for a security issue that is exploited by cyber villains before a patch or fix has been released.
What is a Zero-day Vulnerability?
Adherence to legal, internal, or contractually prescribed requirements for the IT of an organization is called
IT Compliance