expand for answer
Safeguard
1. Protection included to counteract a known or expected condition. 2. Incorporated countermeasure or set of countermeasures within a base release. Anything that removes a vulnerability or protects against one or more specific threats. Also referred to as a countermeasure.
Similar items:
Extent to which protective measures, techniques, and procedures must be applied to information systems and networks based on risk, threat, vulnerability, system interconnectivity considerations, and information assurance needs. Levels of protection are: 1. Basic: information system and networks requiring implementation of standard minimum security countermeasures. 2. Medium: information system and networks requiring layering of additional safeguards above the standard minimum security countermeasures. 3. High: information system and networks requiring the most stringent protection and rigorous security countermeasures.
[view]
[view]
A program used to detect weaknesses within an organization. Vulnerability scans and vulnerability assessments are two common elements of a vulnerability management program. Vulnerability scans are technical scans performed regularly, and vulnerability assessments are normally combined with a risk assessment.
[view]
[view]
Actions taken to patch a vulnerability or secure a system against an attack. Countermeasures can include altering access controls, reconfiguring security settings, installing new security devices or mechanisms, adding or removing services, and so on.
[view]
[view]
Possibility that a particular threat will adversely impact an information system by exploiting a particular vulnerability. The likelihood that any specific threat will exploit a specific vulnerability to cause harm to an asset. Risk is an assessment of probability, possibility, or chance. Risk = threat - vulnerability. The probability that a particular security threat will exploit a particular vulnerability.
[view]
[view]
A process used to identify vulnerabilities, or weaknesses. It can include both technical means, such as vulnerability scans, and nontechnical means, such as an evaluation or inspection of existing data on threats and vulnerabilities. Examination of information to identify the elements comprising a vulnerability. The systematic examination of systems to determine the adequacy of security measures, identify security deficiencies, and provide data from which to predict the effectiveness of proposed security measures.
[view]
[view]
There are no comments yet.