Sec+ | Important Notes

Software that detects and STOPS an attack in real-time

Software that automates a response when set up

Software that Aggregates log data and acts as workforce multiplier

Security technologies that work together to screen devices for health conditions before accessing a network

Stops sensitive data exfiltration

Best tool to use to capture data packets going between computers.

Best way to see internal to external conversations between computers

Best way to control company data on a laptop or cellular phone.

Best way to store credit card data in a database is to replace it with a placeholder.

Best way to test your Incident Response Plan (IRP)

Report that shows how things are affected when a security incident happens.

Best way to transfer risk involved with a security incident.

A report provided by a vendor stating that we meet certain regulatory requirements

A policy that outlines how long we must store and maintain data

Step by step guide to responding to a security incident

Supporting document that provides security controls to orgs that are required to have ISMS.

Law that governs how an organization handles credit/debit card data.

Requires companies handle PII in a manner that keeps it private.

Privacy law that applies to European Citizens regarding their privacy rights.

Requires an organization to set up an ISMS if they deal with sensitive info.

The number of times something happens in a given year.

The amount of money we can expect to lose in a given year due to events occurring.

This is the maximum amount of time equipment can be down.

This is the maximum amount of data that can be lost.

The amount of money we can expect to lose if something occurs.

Mandy needs to create a way to rollback to a previous point if something goes wrong.

Dameon needs to determine everything that needs to be done to get into compliance.

Terry wants to enforce security policies on the cloud.

Jon needs a tool that will help him identify if anything in a file system has changed.

Sierra wants to prevent employees from sending sensitive info in email.

A formal document that an employee signs to ensure they understand what they are allowed to use an asset for.

A plan that outlines scope of a job, the completion timeline and the cost.

Legal agreement between two parties that outlines service requirements. Often denotes 99.9% uptime.

A plan that we put into place to maintain continuity in the event of a disaster or attack.

A complete analysis on how a situation or event would impact the organization.

A third party that holds cryptographic keys for you for safety and ease of access

Defeats a rainbow table by adding random characters to a data structure before its hashed

A set of instructions for turning plain text data into cipher text data

A 2-step process of turning plain text data into cipher, then back into plain text for data privacy

A cryptographic technology that assigns a unique code to a data structure "fingerprinting" it

A report on how effective a companies security controls are

A company who does not follow the required laws is this

A document that outlines who was been in contact with digital evidence

A preservation order issued by a law enforcement agency

The process of collecting digital evidence for preservation

Attacks because they want to gain money by selling data

Using an unauthorized software program in a company that the IT's don't know about

Attacks based on their personal beliefs

An advanced threat that works for a government

Revenge/retaliation on a company they work at