
Mid Term Exam in Information Assurance and Security
Quiz by Brianne M. Singson
A detailed strategy that outlines how a company will continue to operate during and after an unexpected event or disaster.
This plan should detail the steps required to recover lost data, systems, and infrastructure.
Outlines how to communicate with employees, customers, and other stakeholders in the event of a disaster.
The following are some benefits of a disaster recovery plan EXCEPT:
It is an information access model that operates on a set of subjects, objects, and rights.
This model illustrates the direction of data flow between objects.
One of the five functional requirements; it provides management of data in physical memory space (e.g., CPU registers, cache, main memory (RAM), disk storage (secondary storage)).
Managing the process operations by work/execution threads (a series of tasks) using the same programmed instructions, which allows multiple users and service requests, e.g., Mach Kernel (BSD UNIX: Solaris, MacOS X, etc.).
___________ is a function of memory management where a computer will store and retrieve data from a device's secondary storage to the primary storage.
_____________________ is the practice of regulating and managing who can access what, when, and under what conditions in a computer system or network.
Describes security measures that are designed to deny unauthorized access to facilities, equipment, and resources and to protect personnel and property from damage or harm.
Attacks that can result in a safe area being broken into or part of a restricted area being invaded. An attacker can easily damage or steal critical IT assets, install malware on systems, or leave a remote access port on the network.
It contains burglar alarms, guards, and CCTV that keeps a complete record of all movement.
It controls and records the movement of people and vehicles.
Good indoor and outdoor lighting may be sufficient to prevent unauthorized access, especially at night. ______________ LIGHTING
Which of the following is the purpose of cryptography?
Which type of cryptography is based on a single secret key shared between two parties?
Which type of cryptography uses two different keys, one for encryption and one for decryption?
Which type of cryptography uses a public key for encryption and a private key for decryption?
The ability to be certain that the information contained within the message cannot be modified while in storage or transit.
Security through ________________ is a concept in cybersecurity where the security of a system or data is believed to be achieved by keeping its inner workings or vulnerabilities hidden or unknown to potential attackers. It relies on the assumption that if the details of a system or its components are kept secret, it will be difficult for attackers to exploit them.
Why is obscuring security more dangerous than not addressing security at all?
Why does it make no sense to keep an algorithm for cryptography secret?
A globally recognized, vendor-neutral standard attesting to an IT security professional’s technical skills and hands-on experience implementing and managing a security program.
It is a comprehensive framework of all relevant subjects a security professional should be familiar with, including skills, techniques and best practices.
It focuses on the protection of an organization’s assets, which can include everything from information and databases to buildings and equipment.
Covers the processes and tools used to secure software applications throughout the software development life cycle.
A non-profit organization that provides security training and certificates.
The process of identifying, assessing, and prioritizing risks to an organization's operations, assets, and reputation.
Governance refers to the processes and structures by which an organization is directed and controlled.
Risk Assessment is a Business Continuity Plan step that identifies the potential risk and assesses the likelihood and potential impact on the business.
Empathy is a key principle of effective crisis communication that shows concern for those affected by the crisis and demonstrates a willingness to listen and address their concerns.
Verification is the process of ensuring that the functional requirements of a system are implemented correctly and meet the intended purpose.
____________ refers to the description of what the system is expected to do and the features it should have.
__________________ is the process of confirming that the system has been implemented according to the specified requirements and design.
It typically relates to the overall confidence and reliability of the system, including aspects such as security, performance, and quality.
It is a term used to describe the process of identifying critical information, analyzing potential threats, and implementing measures to protect sensitive or valuable information from adversaries.
Operational Security is important because it helps protect sensitive information from falling into the wrong hands.
Operational Security originated as a counterintelligence strategy during ________________.
The key steps in the OPSEC (Operational Security) process are:
What is the primary goal of Operational Security?
Data Privacy and Protection refers to the processes and strategies implemented to identify, evaluate, and mitigate potential risks and uncertainties that could impact the achievement of objectives or the overall well-being of an entity.
Implementing measures to protect personal and sensitive data, including data encryption, secure data storage, access controls, and data anonymization techniques.
_____________________ and Disaster Recovery is a key element of securing the future by preparing for and mitigating the impact of potential disruptions or disasters.
Securing the future is important as it ensures the well-being and quality of life for current and future generations.
It is the use of deceptive communication tactics by cybercriminals to manipulate individuals into divulging confidential information.
The process of employing cryptographic techniques to protect confidential information and ensure that only authorized parties can access and transmit it.
The act of partitioning networks into smaller and more secure sections minimizes the scope and impact of a cyberattack.
The act of obtaining access to telecommunications transmissions, which can be done either by physically intercepting wired connections or by infiltrating digital data streams.
Cyberattacks in which hackers intercept and modify internet traffic with the intention of stealing data or distributing malware.