CYB 333 Q5


The Global Information Assurance Certification (GIAC)

certification organization began as an offshoot of the SANS Institute training programs.

CompTIA Security+

considered an entry-level security certification

The (ISC)2 Systems Security Certified Practitioner (SSCP)

credential covers the seven domains of best practices for information security.

FERPA

doesn't require that specific information security controls be implemented to protect student records.

Information systems security is about

ensuring the confidentiality, integrity, and availability of IT infrastructures and the systems they comprise

NIST

federal agency within the U.S. Department of Commerce. NIST's mission is to "promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life."

Compliance

includes the actual state of being compliant, but it also includes the steps and processes taken to become compliant

PII

information that you can use to uniquely identify an individual. PII includes names, addresses, Social Security and driver's license numbers, financial account information, health records, and credentials.

PCI DSS

international standard for handling transactions involving payment cards. The Payment Card Industry Security Standards Council (PCI SSC) developed, publishes, and maintains the standard. Visa, MasterCard, and other payment card vendors helped to create the Payment Card Industry Data Security Standard (PCI DSS). The PCI Council has two major priorities. The first priority is to assist merchants and financial institutions in understanding and implementing standards for security policies, technologies, and ongoing processes that protect their payment systems from breaches and theft of cardholder data. Its second priority is to help vendors understand and implement the PCI standards and requirements for ensuring secure payment solutions are properly implemented.

role-based access control

Organizations build role-based access control mechanisms into their applications to ensure the confidentiality of sensitive data: a user sees a field only if their role has a business need for it. Masking is the complementary technique that "X's out" the pertinent characters of sensitive data (for example, all but the last four digits of a card number) before the value is displayed or logged.
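The following is an added example, not part of the original study set, showing how role-based access control and masking work together on the kinds of PII listed above (SSNs and payment card numbers). The roles, field names and the sample record are constructed for illustration; the card number is the well-known 4111… test value, not real cardholder data.

```python
"""Role-based access control plus data masking (added example; hypothetical roles/fields).

Policy: a sensitive field leaves the application layer unmasked only when the
caller's role is explicitly granted that field. Unknown roles are denied by default.
"""

# Hypothetical policy table: role -> set of sensitive fields that role may see in the clear.
ROLE_PERMISSIONS = {
    "fraud_analyst": {"ssn", "card_number"},  # business need for the full values
    "support_agent": set(),                   # sees masked values only
}

# Fields treated as sensitive PII; everything else passes through unchanged.
SENSITIVE_FIELDS = ("ssn", "card_number")


def mask(value: str, keep_last: int = 4, mask_char: str = "X") -> str:
    """X out every letter/digit except the last `keep_last`, preserving separators.

    Values too short to hide anything (e.g. "42" with keep_last=4) are masked
    entirely rather than leaked in full.
    """
    alnum_count = sum(ch.isalnum() for ch in value)
    if alnum_count <= keep_last:
        keep_last = 0
    out = []
    kept = 0
    for ch in reversed(value):
        if not ch.isalnum():
            out.append(ch)          # keep '-' or ' ' so the format stays recognizable
        elif kept < keep_last:
            out.append(ch)          # the trailing characters that remain visible
            kept += 1
        else:
            out.append(mask_char)
    return "".join(reversed(out))


def render(record: dict, role: str) -> dict:
    """Return a copy of `record` with sensitive fields masked unless `role` may see them."""
    allowed = ROLE_PERMISSIONS.get(role, set())  # deny by default for unknown roles
    rendered = {}
    for field, value in record.items():
        if field in SENSITIVE_FIELDS and field not in allowed:
            rendered[field] = mask(str(value))
        else:
            rendered[field] = value
    return rendered


# Constructed sample record; the PAN is a standard test number, not real cardholder data.
RECORD = {
    "name": "Ana Example",
    "ssn": "123-45-6789",
    "card_number": "4111 1111 1111 1111",
}

if __name__ == "__main__":
    for role in ("fraud_analyst", "support_agent", "intern"):
        print(role, render(RECORD, role))
```

Because masking is applied inside `render`, every consumer of the record gets the same policy; the caller cannot accidentally forget to mask, and an unrecognized role falls through to the masked view rather than the clear one.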

Hertz

represents frequency and is expressed as the number of cycles per second. Gauss is a measurement of a magnetic field, joule is a measure of energy, and weber is a measure of magnetic flux.

The IEEE 802.11 series

of standards covers wireless LAN technology, including 802.11a, 802.11b, 802.11g, 802.11n, and 802.11ac.

The International Electrotechnical Commission (IEC)

the predominant organization for developing and publishing international standards for technologies related to electrical and electronic devices and processes.

SOX

Enacted to protect investors from financial fraud; it supplements other federal securities laws. It applies to publicly traded companies that must register with the Securities and Exchange Commission. Section 404 requires an organization's executive officers to establish, maintain, review, and report on the effectiveness of the company's internal controls over financial reporting (ICFR).

The seven layers of the OSI model,

in order from the first through the seventh layer, are: Physical, Data Link, Network, Transport, Session, Presentation, and Application.

The Federal Trade Commission (FTC)

Safeguards Rule requires a financial institution to create a written information security program that must state how the institution collects and uses customer data.

Privacy

a person's right to control the use and disclosure of his or her own personal information. This means that people have the opportunity to assess a situation and determine how their data are used. Information security is the process used to keep data private. Security is the process; privacy is a result.

Federal Information Security Management Act (FISMA),

Under FISMA, all federal agencies must report security incidents to the U.S. Computer Emergency Readiness Team (US-CERT).

HIPAA

applies specifically to health records. Under HIPAA, a breach is any impermissible use or disclosure of unsecured PHI that compromises its security or privacy. Protected health information (PHI) is any individually identifiable information about a person's health.

The Gramm-Leach-Bliley Act (GLBA)

applies to the financial activities of consumers; it addresses the privacy and security of consumer financial information.

