Study sets matching "security management"

Security Management
Customer information that requires pro…
Customer information that requires pro…
Customer information that requires pro…
Customer information that requires pro…
Customer Names and IDs
National ID numbers
Individual or Corporate Financial information
Personal Information
Customer information that requires pro…
Customer Names and IDs
Customer information that requires pro…
National ID numbers
36 terms
Security Management
Top Secret
Secret
Confidential (Military)
Sensitive but unclassified
Could cause grave damage to national security
Also has significant effects
Classified and serious
Private, but would not cause significant damage
Top Secret
Could cause grave damage to national security
Secret
Also has significant effects
68 terms
Security Management
Criminal Law
Civil Law
Administrative Law
Intellectual Property
Focused on intrusions and info theft ... Intellectual Property
Possibly involve negligence
does not require legislation
Intangible assets (trademarks, patents, trade secrets) ... Orig…
Criminal Law
Focused on intrusions and info theft ... Intellectual Property
Civil Law
Possibly involve negligence
50 terms
Security management quiz 2
There are four problems here with mana…
The Fire Fighter... Managers who fail to…
Designing and implementing a protectiv…
Vicarious Liability -
(1) These managers are not properly managing they are not get…
1. They fail to plan their day's activities and or they faile…
The first step is to define the problem, conceptualize the pr…
the legal doctrine of respondeat superior (i.e., the employer…
There are four problems here with mana…
(1) These managers are not properly managing they are not get…
The Fire Fighter... Managers who fail to…
1. They fail to plan their day's activities and or they faile…
Security Management
Who grows more, law enforcement or sec…
Security is what type of industry?
Security's main goal is
As security manager, salary and benefi…
Security
Service related industry
Prevention
public service
Who grows more, law enforcement or sec…
Security
Security is what type of industry?
Service related industry
79 terms
security management
Physical security
Personnel security
Information security
ICT security
Material security for the benefit of the environment, materiel and…
Security of personnel and security against personnel
Security of information and intellectual property against…
Security of ICT systems and information stored in this…
Physical security
Material security for the benefit of the environment, materiel and…
Personnel security
Security of personnel and security against personnel
93 terms
Security and Risk Management
What does a quantitative analysis calc…
How is annualized loss expectancy (ALE…
What value allows the company to evalu…
What is another name for ALE?
annualized loss expectancy (ALE).... -ALE indicates how much mon…
ALE = Single loss expectancy (SLE) X Frequency
Annualized loss expectancy (ALE).... -a result of a threat explo…
(ARO) Annual Rate of Occurrence ... -The frequency is the threat…
What does a quantitative analysis calc…
annualized loss expectancy (ALE).... -ALE indicates how much mon…
How is annualized loss expectancy (ALE…
ALE = Single loss expectancy (SLE) X Frequency
Security Management Exam 1
Access Control
7 Types of access control
The process of Accountability
Passwords
Not merely controlling user access to files or services. The…
Preventive, Recovery, Deterrent, Compensation, Detective, Dire…
Identification of subject... Authentication... *Type 1: What you kn…
Strings of characters typed to authenticate someone wanting t…
Access Control
Not merely controlling user access to files or services. The…
7 Types of access control
Preventive, Recovery, Deterrent, Compensation, Detective, Dire…
31 terms
security management chapter 9
account payable diversions
(BI) Business intelligence
cash conversions
competitive intelligence
Disbursement fraud committed by person who processes payroll…
competitive intelligence; process of collecting, analyzing,…
theft of liquid assets, such as currency, and negotiable inst…
Business intelligence
account payable diversions
Disbursement fraud committed by person who processes payroll…
(BI) Business intelligence
competitive intelligence; process of collecting, analyzing,…
50 terms
Management of Information Security Chapter 8
The inventory should also reflect the…
Determining the likelihood that vulner…
Which of the following distinctly iden…
The ultimate goal of risk identificati…
sensitivity
False
Manufacturer's part number
False
The inventory should also reflect the…
sensitivity
Determining the likelihood that vulner…
False
31 terms
Chapter 12: Security Management
Understanding Identity Management
Understanding Identity Management (con…
Understanding Identity Management (con…
Understanding Identity Management (con…
Identity management attempts to address problems and security…
Four key elements:... Single sign-on (SSO)... Password synchroniz…
SSO allows user to log on one time to a network or system and…
Password resets reduce costs associated with password-relat…
Understanding Identity Management
Identity management attempts to address problems and security…
Understanding Identity Management (con…
Four key elements:... Single sign-on (SSO)... Password synchroniz…
50 terms
Management of Information Security Chapter 6
Under the Bell-LaPadula model, the ___…
Need to know limits a user's access to…
Under the Clark-Wilson model, internal…
____________________ access controls a…
simple security
True
True
Mandatory
Under the Bell-LaPadula model, the ___…
simple security
Need to know limits a user's access to…
True
Security and Risk Management Practices
SLA
BPA
MOU - Not legally binding
ISA - Security on Partners side
Service Level Agreement
Business Partner Agreement
Memorandum of Understanding
Interconnection Security Agreement
SLA
Service Level Agreement
BPA
Business Partner Agreement
62 terms
Information Security & Risk Management
What's the goal of Security Management?
What does Security Management include?
What are the objectives of security an…
Risk analysis
To protect the proprietary and confidential information of a co…
Includes risk management, information security policies, proc…
to protect the company and its assets. To provide availabilit…
What identifies a company's assets, discovers the threats tha…
What's the goal of Security Management?
To protect the proprietary and confidential information of a co…
What does Security Management include?
Includes risk management, information security policies, proc…
Security and risk management
Shrinkage
Physical Inventory
Book Value
Shoplifting
The term used to describe inventory losses resulting from sho…
A count and inspection of all the merchandise in a store.
The amount of money inventory is shown to be worth in the bus…
The removal of items from a store with the intention of not p…
Shrinkage
The term used to describe inventory losses resulting from sho…
Physical Inventory
A count and inspection of all the merchandise in a store.
Cash Management and Security
Federal Reserve
Bank teller
Unfit currency
Cash is used most often for smaller pu…
the central bank of the United States regulates the U. S. mon…
a bank employee with the most customer interaction of any ban…
currency that is damaged, worn, beyond its useful life, or co…
What is the most used payment method for smaller purchases?
Federal Reserve
the central bank of the United States regulates the U. S. mon…
Bank teller
a bank employee with the most customer interaction of any ban…
Management of Information Security Chapter 1
Scope creep
Failure to meet project deadlines
Communications
Information Technology
____ occurs when the quantity or quality of project deliverab…
____ is one of the most frequently cited failures in project…
___________________ security encompasses the protection of an…
The ____________________ community supports the business obje…
Scope creep
____ occurs when the quantity or quality of project deliverab…
Failure to meet project deadlines
____ is one of the most frequently cited failures in project…
8 terms
Managing Safety and Security
Worker's Compensation
Risk Management
Loss Control
Closed-Circuit Television
A form of insurance paid by the employer providing cash benef…
All efforts designed to preserve assets and earning power ass…
A risk management technique that attempts to decrease the fre…
A private video system in a building, store, or geographic ar…
Worker's Compensation
A form of insurance paid by the employer providing cash benef…
Risk Management
All efforts designed to preserve assets and earning power ass…
33 terms
Security Management Midterm
Definition of Security Management
Relationship Between organizational As…
80% of your really important results c…
If you can't tell me what you'd like to…
Security management is a broad field of management related to…
How assets affect other assets. Such as how if a segment of l…
...
...
Definition of Security Management
Security management is a broad field of management related to…
Relationship Between organizational As…
How assets affect other assets. Such as how if a segment of l…
Management of Information Security Chapter 1
Scope creep
Failure to meet project deadlines
Communications
information Technology
____ occurs when the quantity or quality of project deliverab…
____ is one of the most frequently cited failures in project…
___________________ security encompasses the protection of an…
The ____________________ community supports the business obje…
Scope creep
____ occurs when the quantity or quality of project deliverab…
Failure to meet project deadlines
____ is one of the most frequently cited failures in project…
49 terms
Management of Information Security Chapter 5
Information security program
Help Desk
CISO
consultant
____ is the term used to describe the structure and organizat…
____________________ personnel are the front line of incident…
The ____ is primarily responsible for the assessment, managem…
The information security ____ is typically an expert in some…
Information security program
____ is the term used to describe the structure and organizat…
Help Desk
____________________ personnel are the front line of incident…
58 terms
Management Business Operations and Security
Mouse
Manufacturing
Project Management
Price
Used to guide the Pointer to perform a certain action...
Production of goods for use or sale..
Designed to schedule and appoint management positions and eve…
This varies from product to product and depends if special sa…
Mouse
Used to guide the Pointer to perform a certain action...
Manufacturing
Production of goods for use or sale..
Security Management - Ch-4
Goals of creating secure networks
Availability
confidentiality
functionality
Availability, confidentiality, functionality, access control
users have access to information services and network resources
prevent unauthorized users from gaining information about the…
preventing attackers from altering the capabilities or normal…
Goals of creating secure networks
Availability, confidentiality, functionality, access control
Availability
users have access to information services and network resources
security management ch 4
key and key card control
electronic access system
surveillance and access control proced…
unauthorized person
a system of key control is essential to the security of a lod…
the ability to change the data on an electronic key card perm…
hotel personnel play a central role in watching for trouble a…
as determined by management for each particular property shou…
key and key card control
a system of key control is essential to the security of a lod…
electronic access system
the ability to change the data on an electronic key card perm…
9 terms
Security-Risk Management
Shrinkage
Physical Inventory
Book Value
Shoplifting
The term used to describe inventory losses resulting from sho…
A count and inspection of all the merchandise in a store.
The amount of money inventory is shown to be worth in the bus…
The removal of items from a store with the intention of not p…
Shrinkage
The term used to describe inventory losses resulting from sho…
Physical Inventory
A count and inspection of all the merchandise in a store.
Chapter 12: Security Management
Tasks in the ________ phase of the sys…
The traditional process for developing…
The total number of points of work a t…
In the system implementation phase of…
system implementation
the systems development life cycle
velocity
false
Tasks in the ________ phase of the sys…
system implementation
The traditional process for developing…
the systems development life cycle
Management of Information Security Chapter 3
Disaster recovery
hierarchical
hot
Incident Response
_______ planning ensures that critical business functions can…
A ____ activation requires that the first person call designa…
A warm site offers many of the advantages of a(n) ___________…
_______________ is a set of procedures that commence when an…
Disaster recovery
_______ planning ensures that critical business functions can…
hierarchical
A ____ activation requires that the first person call designa…
33 terms
WEB1700 Device Management & Security
Rootkit
Malware
Virus
Bluetooth range
A program that hides in a computer and allows someone from a…
programs that act without the user's knowledge and deliberate…
A potentially damaging computer program that affects a comput…
approximately 30 feet
Rootkit
A program that hides in a computer and allows someone from a…
Malware
programs that act without the user's knowledge and deliberate…
60 terms
Security Management/ Laws and personnel
Security Management
Physical Security- Hardware
Physical Security- Liveware
Since 9/11, physical security program…
The set of functions that protects an organization or a syste…
Doors, lights, locks, walls, sensors, etc.
Proprietary security force (contract)... Guards, "rent-a-cop", c…
true
Security Management
The set of functions that protects an organization or a syste…
Physical Security- Hardware
Doors, lights, locks, walls, sensors, etc.
29 terms
Chapter 12: Security Management
Understanding Identity Management
Understanding Identity Management (con…
Understanding Identity Management (con…
Understanding Identity Management (con…
Identity management attempts to address problems and security…
four key elements:... -Single sign on (SSO)... -Password synchroniz…
SSO (single sign on) allows users to log on one time to a net…
Password resets reduce costs associated with password related…
Understanding Identity Management
Identity management attempts to address problems and security…
Understanding Identity Management (con…
four key elements:... -Single sign on (SSO)... -Password synchroniz…
Management of Information Security Chapter 2
attack
owners
safeguards
Resource management by executing appro…
An act or event that exploits a vulnerability is known as a(n…
Data ____________________ are responsible for the security an…
Controls or ____________________ are used to protect informat…
The basic outcomes of information security governance should…
attack
An act or event that exploits a vulnerability is known as a(n…
owners
Data ____________________ are responsible for the security an…
15 terms
Security+ - Access Control and Security Management
You are deploying a network for a smal…
Your network is configured as a distri…
You want to deploy a centralized authe…
An application needs to use a two-fact…
You should use discretionary access control (DAC) in this sit…
You should use secure Lightweight Directory Access Protocol (…
You should use TACACS+ in this scenarios. This is because TAC…
Time-based One-time Password Algorithm (TOTP) can provide a o…
You are deploying a network for a smal…
You should use discretionary access control (DAC) in this sit…
Your network is configured as a distri…
You should use secure Lightweight Directory Access Protocol (…
49 terms
Management of Information Security Chapter 5
Information security program
Help Desk
CISO
consultant
____ is the term used to describe the structure and organizat…
____________________ personnel are the front line of incident…
The ____ is primarily responsible for the assessment, managem…
The information security ____ is typically an expert in some…
Information security program
____ is the term used to describe the structure and organizat…
Help Desk
____________________ personnel are the front line of incident…
16 terms
Information Security Management
Information Security Management Depart…
Reasons for information security manag…
Information Security Management
Role of ISM
a department that is typically formed later or a team of prof…
because the government requires it, because the audit team re…
the intersection of information security and business in the…
interfaces with everyone in the organization to create an ove…
Information Security Management Depart…
a department that is typically formed later or a team of prof…
Reasons for information security manag…
because the government requires it, because the audit team re…
10 terms
Security Management: Hess Chapter 2
andragogy
bona fide occupational qualification (…
Certified Protection Professional (CPP)
convergence
Adult learning.
Skill or knowledge that is reasonably necessary to perform a…
Program of the American Society for Industrial Security that…
To come together and unite in a common interest or focus, a t…
andragogy
Adult learning.
bona fide occupational qualification (…
Skill or knowledge that is reasonably necessary to perform a…
43 terms
Security and Risk Management
Define strategic Management and Steps…
Please list one of the resources for s…
100% probability: What are the Five ba…
Please list one of the benefits to inc…
...
Financial resources... Physical resources... Human resources
1. The ability to understand the interaction dynamics of comp…
• Increase of positive attitudes... • Decrease Absenteeism... • Min…
Define strategic Management and Steps…
...
Please list one of the resources for s…
Financial resources... Physical resources... Human resources
70 terms
Security Management Exam 1
Security Breach: Target Payment Systems
Security Breach: Aussie Travel Cover
Security Breach: Sony Playstation and…
Denial of Service
Malware (memory scraper) installed to collect financial info…
770,000 records ... Additional Government Records ... SQL Injection
Denial of Service Attack ... Arrested: 18 year old from liverpoo…
Flooding a single victim with a steady stream of packets
Security Breach: Target Payment Systems
Malware (memory scraper) installed to collect financial info…
Security Breach: Aussie Travel Cover
770,000 records ... Additional Government Records ... SQL Injection
Security Management - Ch - 5
Authentication
authorization
auditing
mandatory access control (MAC)
supplicant sends credentials to verifier for authentication
what permissions the authenticated user will have
recording what people do in log files
no departmental or personal ability to alter access control r…
Authentication
supplicant sends credentials to verifier for authentication
authorization
what permissions the authenticated user will have
Security Management: Hess Chapter 3
authority
exclusionary rule
power
privatization
Right to give orders.
Makes inadmissible any evidence obtained by means violating a…
The force that can be used to carry out one's authority.
Duties normally performed by sworn personnel (e.g., police of…
authority
Right to give orders.
exclusionary rule
Makes inadmissible any evidence obtained by means violating a…
18 terms
Security Management: Hess Chapter 11
bot
competitive intelligence
contextual integrity
copyright
A type of malware that allows an attacker to gain complete co…
Consists of two overall facts: (1) the use of public sources…
Defines privacy using complex social principles expressed in…
A property right in an original work of authorship (including…
bot
A type of malware that allows an attacker to gain complete co…
competitive intelligence
Consists of two overall facts: (1) the use of public sources…
5 terms
Security and Risk Management
Shrinkage
Physical Inventory
Book Value
Shop Lifting
The term used to describe inventory losses resulting from sho…
A count and inspection of all the merchandise in a store
The amount of money inventory is shown to be worth in the bus…
The removal of items from a store with the intention of not p…
Shrinkage
The term used to describe inventory losses resulting from sho…
Physical Inventory
A count and inspection of all the merchandise in a store
16 terms
Security Management: Hess Chapter 10
bench trial
chain of custody/evidence
conclusionary language
connotative words
A trial before a judge without a jury.
Documentation of who has had control of the evidence from the…
Assumptions or opinions, nonfactual.
Words with strong emotional overtones.
bench trial
A trial before a judge without a jury.
chain of custody/evidence
Documentation of who has had control of the evidence from the…
14 terms
BIS Security Management
Top Secret
Secret
Confidential
Sensitive but Unclassified
Could cause grave damage to national security
Also has significant effects
Classified and serious
Private, but would not cause significant damage
Top Secret
Could cause grave damage to national security
Secret
Also has significant effects
Security Management Exam 2
Goals of Cryptography
Basic Terminology
Symmetric Key ("shared secret")
Asymmetric Key
Confidentiality, Integrity, Authentication, and Nonrepudiation
"Security through obscurity"... Plain Text... Cipher Text (Encrypti…
Shortcomings: Key distribution, Key regeneration every time u…
Same key pair used for all users... Private key cannot be derive…
Goals of Cryptography
Confidentiality, Integrity, Authentication, and Nonrepudiation
Basic Terminology
"Security through obscurity"... Plain Text... Cipher Text (Encrypti…
22 terms
Security Management: Maggio Chapter 2
agent
bail enforcement agents/bounty hunters
constitution
contract employee
A title that can describe a legal relationship under civil la…
Individuals who capture fugitives ("hunting") for a monetary…
A system, often codified as a written document, that establis…
A private security person that protects many different locati…
agent
A title that can describe a legal relationship under civil la…
bail enforcement agents/bounty hunters
Individuals who capture fugitives ("hunting") for a monetary…
20 terms
Security & Management Flash Cards
Retinal Scanner
Fingerprint Scanner
Virus
Spam
A device that scans a person's retina for identification
A device that recognizes the fingerprints of individuals in o…
A harmful piece of software that can replicate itself, and in…
Electronic junk email
Retinal Scanner
A device that scans a person's retina for identification
Fingerprint Scanner
A device that recognizes the fingerprints of individuals in o…
Security Management Midterm
1.1
1.9
5.5
9.9
Does as little as possible to get by; Avoids conflicts; Does…
Has great concern for people, little concern for production;…
Has moderate concern for both production and people; people a…
Concern for both people and production; considered the optima…
1.1
Does as little as possible to get by; Avoids conflicts; Does…
1.9
Has great concern for people, little concern for production;…
Security Management Midterm
Does private security show more or les…
Is private security more proactive or…
Former law enforcement officers in Pri…
The security Manager salary is about t…
More growth
Proactive
Former LEO's are awful at private security. Better at upper m…
Public Service
Does private security show more or les…
More growth
Is private security more proactive or…
Proactive
Virtual Retailing - Security and Risk Management
Shrinkage
Physical Inventory
Book Value
Shoplifting
The term used to describe inventory losses resulting from sho…
A count and inspection of all the merchandise in a store
The amount of money inventory is shown to be worth in the bus…
The removal of items from a store with the intention of not p…
Shrinkage
The term used to describe inventory losses resulting from sho…
Physical Inventory
A count and inspection of all the merchandise in a store
42 terms
Security and Risk Management Domain
Arms Export Control Act of 1976
Copyright
Data Disclosure
Directive Controls
Authorizes the President to designate those items that shall…
Covers the expression of ideas rather than the ideas themselv…
A breach for which it was confirmed that data was actually di…
Controls designed to specify acceptable rules of behavior wit…
Arms Export Control Act of 1976
Authorizes the President to designate those items that shall…
Copyright
Covers the expression of ideas rather than the ideas themselv…