Identify, Protect, Detect, Respond, Recover

Assess, Prevent, React, Restore, Review

Plan, Secure, Monitor, Repair, Revise

Analyze, Defend, Counter, Remediate, Regroup

Confidentiality, Integrity, Availability

Control, Information, Access

Compliance, Infrastructure, Authentication

Cryptography, Identification, Authorization

Encrypting sensitive data so that only authorized users can read it

Ensuring that systems are always online and accessible

Implementing firewalls to prevent unauthorized network access

Regularly backing up data to prevent data loss

Using checksums to verify that files have not been altered

Limiting physical access to server rooms

Requiring multi-factor authentication for user logins

Conducting penetration testing to identify vulnerabilities

Implementing redundant systems so that services remain online even if one system fails

Using strong passwords to protect user accounts

Implementing intrusion detection systems to identify malicious activity

Regularly patching software to fix security vulnerabilities

Authentication, Authorization, Accounting

Access, Audit, Alert

Analysis, Assessment, Action

Application, Architecture, Automation

Use a mix of upper and lowercase letters, Use symbols, Use numbers, Be at least 12 characters long, Avoid personal information, Use a password manager

Use only letters, Use common words, Be at least 6 characters long, Use personal information, Change it every year, Use the same password everywhere

Use only numbers, Use dictionary words, Be at least 8 characters long, Use personal information, Change it every month, Use the same password everywhere

Use only symbols, Use simple patterns, Be at least 10 characters long, Use personal information, Change it every week, Use the same password everywhere