FedVTE - Comptia Security+ SY0-501 Risk Management Questions & Answers.
Security Policy Awareness - Purpose: to enhance security by
- Improving awareness of the need to protect system resources
- Developing skills/knowledge so computer users can perform their jobs more securely

End User Training
- Purpose, explanation, and importance of adhering to security policy/procedures
- Training should be initial, periodic, and ongoing

Role Based Training - Specialized training that is customized to the specific role that an employee holds in the organization.

Key Stakeholder Awareness - Promote security programs to executive leadership by
- Presenting all issues in the context of business needs/objectives
- Communicating risks, cost/benefit analysis, and residual risk
- Gaining their support

Data Classification - The practice of evaluating the risk level of the organization's information to ensure that the information receives the appropriate level of protection
- Assign sensitivity, criticality, and security priorities
- Identify data value

Data Privacy - The relationship between the collection and dissemination of data, technology, the public expectation of privacy, and the legal/political issues surrounding them
- Data must be classified in order to apply privacy controls
- PII

HIPAA - Health Insurance Portability and Accountability Act

Classifications vs Clearances - People have clearances, data has classifications. Access control is used to enforce which subjects have clearance to which classification of data.

Data Handling - Policies/procedures should be developed for handling and disposing of different classifications of data.

Risk Avoidance - Avoiding an act that would create a risk

Risk Transference - A process in which the organization transfers the risk by using other means to compensate for a loss, such as by purchasing insurance

Risk Mitigation - Reducing the impact of a risk event by reducing the probability of its occurrence

Risk Deterrence - A strategy of dealing with risk in which it is decided that the best approach is to discourage potential attackers from engaging in the behavior that leads to the risk.

Confidentiality - Ensuring information is only available to those authorized to have access to the information

Integrity - Describes the wholeness and completeness of the information without any alteration except by authorized sources

Availability - The ability to use the information or resource when it is needed.

Confidentiality, Integrity, and Availability - Core security principles that ensure layers of defense against disclosure, alteration, and denial (the DAD triad).

Risk - The possibility that something could happen to damage, destroy, or disclose data or other resources.

Risk Impact - The potential effect that a loss could have if it arises

Risk Components
- Assets
- Likelihood / Probability
- Threat
- Vulnerability
- Impact
- Controls

Critical Assets - Assets determined to have an integral relationship with the mission of the organization and its success. Ex: corporate financial data

Likelihood / Probability - The measurement of the probability that a threat will become realized within a specific amount of time. Expressed as Annualized Rate of Occurrence (ARO)

ARO - Annualized Rate of Occurrence - Frequency of occurrence of a threat within a year

Threats - Any person or tool that can take advantage of a vulnerability to compromise the CIA of an asset. Common threat tools:
- Malicious code
- Social engineering
- Packet sniffing / network scanning

Threat Vectors - Path by which an attacker can gain access to a target in order to cause harm

Vulnerabilities - Weakness in an asset

Impact - A measurement of the amount of damage or loss that could be or will be caused if a potential threat is ever realized.
Document information
- Institution: FedVTE - Comptia Security
- Course: FedVTE - Comptia Security
- Uploaded on: June 14, 2023
- Number of pages: 10
- Written in: 2022/2023
- Type: Exam (elaborations)
- Contains: Questions & answers