Terms in this set (329)
What is cybersecurity preventing the unauthorized access to data and information systems
what three goals does cybersecurity have confidentiality, integrity, accessibility
what is the confidentiality goal of cybersecurity ensuring no one with authorized can access information
what is the integrity goal of cybersecurity ensuring the data hasn't been manipulated and is accurate
what is the availability goal of cybersecurity ensuring the systems are available to the end users
what are the three main methods or controls that shape cybersecurity? people, process, technology
what is the role of people in cybersecurity
- giving people the skills and information to implement an effective cybersecurity program
- training, awareness, building skills
what is process in cybersecurity the policies and organizational procedures used to implement and manage the cybersecurity program
what role does technology play in cybersecurity the tools or controls used to implement the cybersecurity lifecycle
what is the cybersecurity lifecycle the components of cybersecurity according to NIST
what are the NIST components of the cybersecurity lifecycle identify, monitor, protect, detect, respond, recover
what is the old model to approach cybersecurity the perimeter model (hard shell, soft inside)
why is the perimeter model not fully effective in cybersecurity
- the perimeter is not perfect and is only one layer
- you have to violate the perimeter all the time to share information between authorized users
- too many doors and windows
What is the Identify function in the NIST model?
Identify
The Identify Function assists in developing an organizational understanding to manage cybersecurity risk to systems, people, assets, data, and capabilities. Understanding the business context, the resources that support critical functions, and the related cybersecurity risks enables an organization to focus and prioritize its efforts, consistent with its risk management strategy and business needs.
Examples of outcome Categories within this Function include:
- Identifying physical and software assets within the organization to establish the basis of an Asset Management program
- Identifying the Business Environment the organization supports, including the organization's role in the supply chain and the organization's place in the critical infrastructure sector
- Identifying cybersecurity policies established within the organization to define the Governance program, as well as identifying legal and regulatory requirements regarding the cybersecurity capabilities of the organization
- Identifying asset vulnerabilities, threats to internal and external organizational resources, and risk response activities as a basis for the organization's Risk Assessment
- Identifying a Risk Management Strategy for the organization, including establishing risk tolerances
- Identifying a Supply Chain Risk Management strategy, including priorities, constraints, risk tolerances, and assumptions used to support risk decisions associated with managing supply chain risks