Erstellt von DJ Perrone
vor etwa 7 Jahre
|
||
What is the CIA triangle?
In reference to the CIA triangle, what is confidentiality?
What are some examples of some controls to increase confidentiality?
In reference to the CIA triangle, what is integrity?
What are some examples of some controls to increase integrity?
In reference to the CIA triangle, what is availability?
What are some examples of some controls to increase availability?
What is FIPS 199?
In reference to the CIA Tenets, what is a LOW impact for Confidentiality?
In reference to the CIA Tenets, what is a MODERATE impact for Confidentiality?
In reference to the CIA Tenets, what is a HIGH impact for Confidentiality?
In reference to the CIA Tenets, what is a LOW impact for Integrity?
In reference to the CIA Tenets, what is a MODERATE impact for Integrity?
In reference to the CIA Tenets, what is a HIGH impact for Integrity?
In reference to the CIA Tenets, what is a LOW impact for Availability?
In reference to the CIA Tenets, what is a MODERATE impact for Availability?
In reference to the CIA Tenets, what is a HIGH impact for Availability?
What are the 4 common Commercial Business Classifications?
When is data exempt from FOIA?
What is information life cycle?
What are the 7 main categories of access controls?
In reference to access controls, what is the compensative category? What are some examples?
In reference to access controls, what is the corrective category? What are some examples?
In reference to access controls, what is the detective category? What are some examples?
In reference to access controls, what is the deterrent category? What are some examples?
In reference to access controls, what is the directive category? What are some examples?
In reference to access controls, what is the preventive category? What are some examples?
In reference to access controls, what is the recovery category? What are some examples?
What are types of access controls?
What is an administrative (management) control?
What is a logical (technical) control?
What is a physical control?
What is STRM?
In reference to FIPS 199, what is an SC?
How do you calculate the SC?
What is another name for the FIPS 199 nomenclature to calculate the SC?
The following are examples of what?
- Reckless/untrained employee
- Partner
- Disgruntled Employee
- Internal/government spy
- Vendor
- Thief
The following are examples of what?
- Anarchist
- Competitor
- Corrupt Government Official
- Data miner
- Government Cyber Warrior
- Terrorist
Internal/External actors are divided in to what sub-categories?
What criteria is used to analyze threat actors?
What tool is used in risk management to identify vulnerabilities and threats?
What are the 4 main goals of risk assessment?
What does SLE stand for?
What is SLE?
What is EV?
What does ALE stand for?
What is ALE?
What is ARO?
How do you calculate the ALE?
What is ARO?
What is payback?
What is NPV?
How do you calculate the NPV?
What are the 4 strategies for risk reduction?
What are 6 steps of risk management IAW NIST SP 800-30?
What is residual risk?
What is SABSA?
What are the 6 layers of the SABSA framework matrix?
What are the NIST SP 800-53 control families for the technical class?
What are the NIST SP 800-53 control families for the operational class?
What are the NIST SP 800-53 control families for the management class?
What is a BCP?
What is defined in the NIST Special Publication 800-34 (Rev 1)
What are the steps listed in SP 800-34 R1 for business continuity?
What are the different time frames between strategic plans and tactical plans?