Integrity, Ensures data is not modified by unauthorized users, Separation of Duties, No single person controls all steps of a critical process, NAT, Translates private IP addresses to public IP addresses, Non-repudiation, Sender cannot deny having sent a message, Due Diligence, Researching and understanding risks before acting, Hot Site, Fully operational recovery site within minutes, Due Care, Implementing reasonable security measures, Cold Site, Empty facility that takes days or weeks to activate, Least Privilege, Granting minimum access needed to perform a job, Accountability, Logging and tracking user actions, RPO, Maximum acceptable amount of data loss, Confidentiality, Prevents unauthorized disclosure of information, RTO, Maximum acceptable downtime for a system, IDS, Detects and alerts on threats but does not block them, Authorization, Determining what a user is allowed to do, Defense in Depth, Multiple overlapping layers of security controls, Authentication, Verifying that a user is who they claim to be, IPS, Sits inline and automatically blocks malicious traffic, Availability, Ensures systems are accessible when needed, VPN, Creates an encrypted tunnel for secure remote access.

ISC2 CC Practice

بواسطة
طباعة
تضمين

لوحة المتصدرين

شاهد أفضل اللاعبين

لوحة الصدارة

النمط البصري

الخيارات

تبديل القالب

لوحة المتصدرين

شاهد أفضل اللاعبين
)
استعادة الحفظ التلقائي: ؟