563748728 | Due diligence | a company identifies the risks to its business, develops and implements strategies for handling the risk, and informs its employees | |
563748729 | Due process | Everyone held to the same standard; impartial and fair inquiry into violations of organizational policy | |
563748730 | Security policy | policies concerning general organizational security including physical access, access control to data, and security through proper organizational structures and data security principles. | |
563748731 | Mandatory vacation | a policy that requires employees to use their vacations at specific times of year or all of their vacation days allotted for a single year to help detect security issues such as fraud and other internal hacking activities. | |
563748732 | Least privilege | a security best practice that provides users only access rights they need to perform their job functions. | |
563748733 | Job rotation | a policy that provides improved security by ensuring no employee retains the same amount of access control or a particular responsibility for a period of time. This prevents internal corruption from employees who would take advantage of their long-term position and security access. | |
563748734 | Separation of duties | Critical responsibilities are separated between several users to prevent corruption; a single individual isn't tasked with high security and high risk responsibilities. | |
563748735 | Service Level Agreement (SLA) | A contract or an understanding between a supplier of services and the users of those services that the service in question will be available for a certain percentage of time. | |
563748736 | Change management | official company procedures used to approve changes to the company's networks or communications services. | |
563748737 | Incident management | planned organizational response to incidents. used to quickly contain a problem and recover to normal operations. | |
563748738 | Audits | reviews/inspections that ensure your organization's policies are correctly defined, implemented properly, and communicated efficiently to all users. | |
563748739 | Data Loss Prevention (DLP) | a security concept focused on preventing the loss of data and protecting its confidentiality and privacy. | |
563748740 | False positive | A legitimate action that is perceived as a risk or threat. | |
563748741 | False negative | An illegitimate action that is not perceived as a risk or threat. |
Security+ Chapter 1: Organizational Security Flashcards
Primary tabs
Need Help?
We hope your visit has been a productive one. If you're having any problems, or would like to give some feedback, we'd love to hear from you.
For general help, questions, and suggestions, try our dedicated support forums.
If you need to contact the Course-Notes.Org web experience team, please use our contact form.
Need Notes?
While we strive to provide the most comprehensive notes for as many high school textbooks as possible, there are certainly going to be some that we miss. Drop us a note and let us know which textbooks you need. Be sure to include which edition of the textbook you are using! If we see enough demand, we'll do whatever we can to get those notes up on the site for you!