This process identifies the organization's resources and their valuation.
What is asset identification?
This plan identifies appropriate disaster responses that maintain business operation when resources are reduced.
What is the business continuity plan?
This act involves looking over the shoulder of someone working on a computer.
What is shoulder surfing?
What is the software development life cycle?
This model is usually chaotic in nature. Developers are given a project without a consistent team, funding, or schedule.
What is ad hoc?
This process defines events originating outside of the organization as well as intentional or accidental acts by employees.
What is threat identification?
A business continuity plan includes 5 steps: Analysis, solution design, _____________, testing, and maintenance.
What is implementation?
This act refers to an attacker entering a secured building by following an authorized employee without their consent.
What is tailgating?
The SDLC incorporates the CIA of security. What does CIA stand for?
What is confidentiality, integrity, and availability?
This model consists of sequential phases where each phase contains a series of instructions that must be executed and documented before the next phase.
What is waterfall planning?
This process is used to identify lax physical security and weak passwords.
What is vulnerability evaluation?
This plan focuses on the impact losses will have on the organization.
What is the business impact analysis?
This act refers to an attacker entering a secured building by following an authorized employee with their consent.
What is piggybacking?
The software development and coding phase of the SDLC involves coding, testing and this activity.
What is validation?
This model is a mixture of the waterfall model and the prototype model.
What is the spiral model?
This policy is the practice of determining which identified threats are relevant and pressing to the organization and then attaching a potential loss amount to each threat.
What is risk assessment?
Financial loss estimates include these two broad types of loss.
What is tangible (e.g. physical) and intangible (e.g. reputation)?
This action sends a fraudulent message that appears to be legitimate and directs the recipient to a fraudulent website.
What is phishing?
This SDLC phase involves archiving, overwriting, and destroying material related to the software.
What is the end of life phase?
This model values simplicity, feedback, courage, and communication.
What is extreme programming?
This process involves taking measures to mitigate the likelihood of a threat by deploying security controls.
What is risk response?
This plan identifies short-term actions necessary to stop the incident and restore critical functions.
What is the disaster recovery plan?
This action is a targeted attack against a group or industry where the attacker guesses or observes the websites most frequented by the group and infects one or more sites with malware.
What is a watering hole?
This SDLC phase is when formal functional testing is performed by users and the user guides and manuals are created.
What is the software installation and implementation phase?
This software development concept is based on the organization of objects rather than actions.
What is object-oriented programming?