Lap 1 Cybersecurity
Top-down Approach
The breaking down of a system to gain insight into its compositional sub-systems in a reverse engineering fashion.
Bottom-up Approach
The piecing together of systems to give rise to more complex systems, thus making the original systems sub-systems of the emergent system.
Community Of Interest
A community of people who share a common interest or passion.
Waterfall Model
A linear project management approach, where stakeholder and customer requirements are gathered at the beginning of the project, and then a sequential project plan is created to accommodate those requirements.
McCumber Cube
A model framework for establishing and evaluating information security programs.
Data Users
A person who, either alone or jointly or in common with other persons, controls the collection, holding, processing or use of the data.
Project Team
A team whose members usually belong to different groups, have different functions and are assigned by the project manager to activities for the same project.
Data Custodians
An employee of the University who has administrative and/or operational responsibility over Institutional Data.
Information System
An information system is the information and communication technology (ICT) that an organization uses, and also the way in which people interact with this technology in support of business processes.
Availability
Authorized users that can freely access the systems, networks, and data needed to perform their daily tasks.
C.I.A. Triad
Confidentiality, integrity and availability, also known as the CIA triad, is a model designed to guide policies for information security within an organization.
Data Owners
Either individuals or teams who make decisions such as who has the right to access and edit data and how it's used.
System Development Life Cycle (SDLC)
In systems engineering, information systems and software engineering, the systems development life cycle, also referred to as the application development life-cycle, is a process for planning, creating, testing, and deploying an information system.
Integrity
Maintaining the accuracy and completeness of data.
Personally Identifiable Information (PII)
Personal data, also known as personal information or personally identifiable information, is any information relating to an identifiable person.
Physical Security
Physical security is the protection of personnel, hardware, software, networks and data from physical actions and events that could cause serious loss or damage to an enterprise, agency or institution.
Confidentiality
Protecting information from being accessed by unauthorized parties.
Chief Information Officer (CIO)
The company executive responsible for the management, implementation, and usability of information and computer technologies.
Chief Information Security Officer (CISO)
The company executive responsible for the management, implementation, and usability of information and computer technologies.
Communications Security
The discipline of preventing unauthorized interceptors from accessing telecommunications in an intelligible form, while still delivering content to the intended recipients.
Software Assurance (SA)
The level of confidence that software is free from vulnerabilities, either intentionally designed into the software or accidentally inserted at any time during its lifecycle, and that the software functions in the intended manner.
Network Security
The policies and practices adopted to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources.
Information Security
The practice of protecting information by mitigating information risks.
Computer Security
The protection of computer systems and networks from the theft of or damage to their hardware, software, or electronic data, as well as from the disruption or misdirection of the services they provide.
Accuracy
The quality or state of being correct or precise.
Security
The state of being free from danger or threat.
Utility
The state of being useful, profitable, or beneficial.
Methodology
The way a cyber security analyst solves the problem or tests a system.
Authenticity
Verification of a message or document to ensure it wasn't forged or tampered with. Examples include digital signature and HMAC.
Possession
Who owns what data.