Deck 11: Wireless Security Policy

1
The goal of information security is to protect the integrity, ____, and availability of data on the devices that store, manipulate, and transmit the information.

A) authorization
B) authentication
C) confidentiality
D) accounting
C
2
The best approach to creating a security policy is for a member of the IT staff to create the document in a few days with little or no input from other individuals.
False
3
____ is defined as the obligations that are imposed on owners and operators of assets to exercise reasonable care of the assets and take necessary precautions to protect them.

A) Due care
B) Separation of duties
C) Need to know
D) Risk assessment
A
4
Identifying assets is a fairly simple and quick process.
5
The ____ is the expected monetary loss that can be expected for an asset because of a risk over a one-year period.

A) Exposure Factor (EF)
B) Annualized Rate of Occurrence (ARO)
C) Annualized Loss Expectancy (ALE)
D) Single Loss Expectancy (SLE)
6
A(n) ____ is defined as any item that has a positive economic value.

A) risk
B) asset
C) threat
D) vulnerability
7
A ____ is a document that outlines specific requirements or rules that must be met.

A) policy
B) standard
C) guideline
D) risk
8
A ____ is a collection of requirements specific to the system or procedure that must be met by everyone.

A) code of ethics
B) guideline
C) standard
D) policy
9
A(n) ____ involves determining the damage that would result from an attack and the likelihood that a vulnerability is a risk to the organization.

A) threat modeling
B) risk assessment
C) attack tree
D) attack modeling
10
The proper development of a security policy is accomplished through what is called the ____.

A) software life cycle
B) data life cycle
C) assets policy cycle
D) security policy cycle
11
If policies are too restrictive or too hard to implement and comply with, they will either be ignored or people will find a way to circumvent the controls in the policies.
12
____ takes a current snapshot of the security of the organization as it now stands.

A) Asset modeling
B) Asset tree
C) Threat modeling
D) Vulnerability appraisal
13
The main purpose of an ethics code is to state the values, principles, and ideals that each member of an organization must agree to.
14
The ____ is the expected monetary loss every time a risk occurs.

A) Exposure Factor (EF)
B) Annualized Loss Expectancy (ALE)
C) Annualized Rate of Occurrence (ARO)
D) Single Loss Expectancy (SLE)
15
The risks for the least important assets should be reduced first.
16
____ is the process of tracking the assets.

A) Asset management
B) Risk identification
C) Threat management
D) Vulnerability identification
17
____ seeks to determine the risks that an organization faces against its information assets.

A) Risk identification
B) Security policy design
C) Security policy evaluation
D) Compliance monitoring and evaluation
18
A ____ is a collection of suggestions that should be implemented.

A) code of ethics
B) guideline
C) standard
D) policy
19
A(n) ____ provides a visual image of the attacks that may occur against an asset.

A) asset tree
B) attack tree
C) asset modeling
D) asset identification
20
____ constructs scenarios of the types of threats that assets can face.

A) Asset management
B) Vulnerability identification
C) Threat modeling
D) Asset identification
21
____________________ means that one person's work serves as a complementary check on another person's actions.
22
Many organizations now enforce a(n) ____ policy to address accessing public hotspots.

A) acceptable use
B) VPN
C) password management
D) public access WLAN use
23
What are the options faced by an organization when confronted with a risk?
24
What are the layers of information security?
25
A ____ can help to clarify some of the ethical obligations and responsibilities undertaken by users.

A) guideline
B) security policy
C) code of ethics
D) standard
26
A(n) ____ policy should clearly address how passwords are managed.

A) password management
B) VPN
C) acceptable use
D) WLAN use
27
The ALE is calculated by multiplying the SLE by the ____________________.
28
A(n) ____________________ is any threat that exists against an asset.
29
Why is it critical to have users "buy in" to the policy and willingly follow it?
30
What are the three models of trust?
31
What are the characteristics of a policy?
32
The SLE is computed by multiplying the value of the asset (Asset Value or AV) by the ____________________.
33
Managing the process of implementing changes is known as ____.

A) risk assessment
B) change management
C) change identification
D) change modeling
34
Only that employee whose job function depends on knowing the information is provided access. This is called ____.

A) Due care
B) Separation of duties
C) Risk assessment
D) Need to know
35
What are the types of assets available at any organization?
36
A(n) ____________________ is a document or series of documents that clearly defines the defense mechanisms an organization will employ to keep information secure.
37
Briefly explain how to perform a risk assessment.
38
What are some of the factors to consider when determining the relative value of an asset?
39
A(n) ____ outlines the actions to be performed when a security breach occurs.

A) risk identification
B) threat modeling
C) risk management
D) incident response
40
What are some of the principles that are involved for good compliance monitoring and evaluation?
41
Briefly describe the areas that should be considered when creating an incident response team (IRT).
42
Match between columns

Descriptions:
never-ending process of identifying what needs to be protected, determining how to protect it, and evaluating the adequacy of the protection.
defines what actions the users of a system may perform while using the wireless network.
probability that a risk will occur in a particular year.
final step in identifying risks.
the lifeblood of an organization.
encourage members of professional groups to adhere to strict ethical behavior within their profession.
document that outlines the specific rules that must be met in order to keep the WLAN secure.
a valuable tool used in threat modeling.
proportion of an asset's value that is likely to be destroyed by a particular risk.

Terms:
Attack tree
Data
Annualized Rate of Occurrence (ARO)
Risk assessment
Code of ethics
Security policy
Acceptable use policy (AUP)
Exposure Factor (EF)
Security policy cycle