Standards may be published, scrutinized, and ratified by a group, as in formal or _____ standards.
The _____ is based on and directly supports the mission, vision, and direction of the organization and sets the strategic direction, scope, and tone for all security efforts.
_____ often function as standards or procedures to be used when configuring or maintaining systems.
A security framework
_____ is an outline of the overall information security strategy for the organization and a roadmap for planned changes to the information security environment of the organization.
The stated purpose of _____ is to "give recommendations for information security management for use by those who are responsible for initiating, implementing, or maintaining security in their organization."
SP 800-14, Generally Accepted Principles and Practices for Securing Information Technology Systems, provides best practices and security principles that can direct the security team in the development of a security _____.
ALL OF THE ABOVE
Effective management includes planning and _____.
The Security Area Working Group acts as an advisory board for the protocols and areas developed and promoted by teh Internet Society and the _____.
The spheres of _____ are the foundation of the security framework and illustrate how information is under attack from a variety of sources.
_____ controls cover security processes that are designed by strategic planners and implemented by the security administration of the organization.
ALL OF THE ABOVE
Redundancy can be implemented at a number of points throughout the security architecture, such as in _____.
address personnel security, physical security, and the protection of production inputs and outputs.
_____-based IDPSs look at patterns of network traffic and attempt to detect unusual activity based on previous baselines.
The SETA program is the responsibility of the _____ and is a control measure designed to reduce the incidences of accidental security breaches by employees.
A(n) _____ plan deals with the identification, classification, response, and recovery from an incident.
An alert _____ is a document containing contact information for the people to be notified in the event of an incident.
Incident damage _____ is the rapid determination of the scope of the breach of the confidentiality, integrity, and availability of information and information assets during or just following an incident.