front 1 Digital supply chain management | back 1 Managing the flow of goods and services through digital technologies |
front 2 Id management | back 2 the process of managing and controlling the digital identities of individuals or entities accessing information systems, applications, or other resources |
front 3 Authentication | back 3 the process of verifying the identity of a user or process |
front 4 Authorization | back 4 what assets you are approved to access |
front 5 Identity and Access management (IAM) | back 5 a specialty discipline within cybersecurity designed to ensure only the right people can access the appropriate data and resources |
front 6 Access management | back 6 the practices and tools that monitor and manage network access |
front 7 Identity governance | back 7 the act of using IT software and systems to manage user access and compliance |
front 8 Identity provisioning | back 8 manages user accounts and ensures users have access to the right resources and are using them appropriately |
front 9 Deprovisioning | back 9 the act of removing user access to applications, systems, and data within a network |
front 10 Authorization management | back 10 the process of controlling access to assets / resources |
front 11 MFA | back 11 Multi-Factor Authentication |
front 12 Single Sign on | back 12 is an authentication method that enables users to authenticate with multiple applications and websites by using 1 set of credentials |
front 13 Single Log off | back 13 the process of ending all sessions that SSO authenticated |
front 14 Incident | back 14 an event that negatively affects IT systems and impacts on the business |
front 15 Event | back 15 Any observable occurrence in the IT infrastructure |
front 16 Disaster | back 16 a catastrophic event that will have great negative effect on IT systems and impact on the business |
front 17 IRP preparation | back 17 This phase will be the workhorse of your incident response planning, and in the end, the most crucial phase to protect your business. |
front 18 IRP identification | back 18 This is the process where you determine whether you’ve been breached. A breach, or incident, could originate from many different areas |
front 19 IRP containment | back 19 Contain the breach so it doesn’t spread and cause further damage to your business |
front 20 IRP eradication | back 20 Fixing the problem |
front 21 IRP recovery | back 21 the process of restoring and returning affected systems and devices back into your business environment |
front 22 IRP Lessons learned | back 22 A post-incident meeting with all stakeholders where you discuss everything that happened |
front 23 Computer security incident response team | back 23 s a group of IT professionals that provides an organization with
services and support surrounding the assessment, management
and |
front 24 Incident response plan | back 24 The documentation of a predetermined set of instructions or procedures to detect, respond to, and limit consequences of malicious cyber attacks against an organization's information systems |
front 25 Disaster recovery plan | back 25 a formal document created by an organization that contains detailed instructions on how to respond to unplanned incidents & business disruptions to ensure critical IT support systems are resumed quickly with minimal loss of data |
front 26 RTO | back 26 recovery time objective |
front 27 RPO | back 27 recovery point objective |
front 28 MTBF | back 28 Mean time between failure |
front 29 MTTR | back 29 mean time to repair |
front 30 Auditing | back 30 verification activity of a process or system to ensure compliance to requirements |
front 31 Data auditing | back 31 the assessment of data for quality throughout its lifecycle to ensure its accuracy and efficacy for specific usage |
front 32 System auditing | back 32 the process in which an organization’s information systems and processes are tested to validate effectiveness, efficiency, and security |
front 33 Access Auditing | back 33 discussing who has access to data |
front 34 paper test | back 34 Team reads through the DRP and discusses validity |
front 35 walkthrough | back 35 Group walks through a simulation DRP to identify any issues or needed modifications |
front 36 simulation | back 36 Run a simulation disaster |
front 37 parallel test | back 37 Recovery systems are tested while primary systems continue to run full workload |
front 38 cutover | back 38 Primary systems are cut over to recovery systems |
front 39 Centralized | back 39 an internal body that handles incident response for the entire organization |
front 40 distributed | back 40 multiple incident response teams, with each one responsible for a physical location (e.g. branch office) |
front 41 coordinated | back 41 a central incident response team that works together with distributed incident response teams |
front 42 external audits | back 42 Audits you hire an auditing business to do an audit for you. |
front 43 Internal audits | back 43 Audits that are done by employees for that business |
front 44 SANS | back 44 1) preparation 2) identification 3) containment 4) eradication 5) recovery 6) Lessons learned |
front 45 NIST | back 45 1) preparation 2) identification 3) containment, eradication, recovery 4) Lessons learned |