CISSP Crash Course - Security Concepts

A potential threat to the organization

A vulnerability in the system

An item of value that needs protection

A safeguard against risks

Criticality only affects data availability

Lower criticality means higher confidentiality

Criticality is unrelated to confidentiality

Higher criticality requires stronger confidentiality measures

The ease of use and accessibility of systems

The ability to prevent data breaches

The protection of data from unauthorized access

The accuracy and reliability of data

Ensuring data is available when needed

Preventing unauthorized access to data

Recording system events for auditing

Maintaining data accuracy and trustworthiness

Authentication verifies identity, while authorization grants access

Authorization verifies identity, while authentication grants access

Both terms mean the same in security

Authentication is a type of encryption

To focus solely on data encryption

To simplify security protocols

To rely on a single security measure

To layer multiple security measures for robust protection

Encryption

Data hiding

Abstraction

Auditing