Area 2: Security, Confidentiality, and Privacy (35-45%)
ALE = SLE x ARO
Single Loss Expectancy (SLE = asset value x exposure factor) times Annualized Rate of Occurrence (ARO, the expected number of occurrences per year; an event expected once every 10 years has ARO = 0.1). Used to justify security spending: implement a control if its annualized cost is less than the ALE reduction it buys (ALE before the control minus ALE after it).
SLE = Asset Value x Exposure Factor (EF)
Expected monetary loss each time the risk event occurs. Exposure factor is the fraction of the asset's value lost in a single occurrence, expressed as a value from 0 to 1 (0% to 100%).
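The two formulas above and the control-justification rule, carried through as a worked example. This is an added example for this page, not material from the original; the asset value, exposure factors, ARO and control costs are constructed figures, and the helper names (`single_loss_expectancy`, `annualized_loss_expectancy`, `evaluate_control`, `annualize_control_cost`) are this example's own. It also shows the step the one-line rule glosses over: a control's purchase price has to be annualized over its useful life before it can be compared with an annual loss figure.

```python
"""Quantitative risk: SLE, ALE and whether a control pays for itself.

Added worked example. All monetary figures are constructed (hypothetical).
"""
from dataclasses import dataclass


def single_loss_expectancy(asset_value: float, exposure_factor: float) -> float:
    """SLE = asset value x EF. EF is the fraction (0..1) of the asset's value
    lost in one occurrence of the event."""
    if asset_value < 0:
        raise ValueError("asset value cannot be negative")
    if not 0.0 <= exposure_factor <= 1.0:
        raise ValueError("exposure factor must be between 0 and 1")
    return asset_value * exposure_factor


def annualized_loss_expectancy(sle: float, aro: float) -> float:
    """ALE = SLE x ARO. ARO is expected occurrences per year, so an event
    expected once every two years has ARO = 0.5."""
    if aro < 0:
        raise ValueError("ARO cannot be negative")
    return sle * aro


def annualize_control_cost(capital_cost: float, lifetime_years: float,
                           yearly_operating_cost: float) -> float:
    """Spread a one-off purchase over its useful life and add recurring cost,
    so the control cost is comparable with an annual loss expectancy."""
    if lifetime_years <= 0:
        raise ValueError("lifetime must be positive")
    return capital_cost / lifetime_years + yearly_operating_cost


@dataclass(frozen=True)
class ControlDecision:
    ale_before: float
    ale_after: float
    annual_control_cost: float

    @property
    def ale_reduction(self) -> float:
        return self.ale_before - self.ale_after

    @property
    def net_annual_benefit(self) -> float:
        return self.ale_reduction - self.annual_control_cost

    @property
    def rosi(self) -> float:
        """Return on security investment: net benefit per unit of control cost."""
        return self.net_annual_benefit / self.annual_control_cost

    @property
    def justified(self) -> bool:
        # The page's rule: implement the control if its annual cost is less
        # than the ALE reduction it achieves.
        return self.annual_control_cost < self.ale_reduction


def evaluate_control(asset_value: float, ef_before: float, aro_before: float,
                     ef_after: float, aro_after: float,
                     annual_control_cost: float) -> ControlDecision:
    """Compute ALE with and without the control and apply the decision rule.
    A control may lower EF (less lost per event), ARO (fewer events), or both."""
    ale_before = annualized_loss_expectancy(
        single_loss_expectancy(asset_value, ef_before), aro_before)
    ale_after = annualized_loss_expectancy(
        single_loss_expectancy(asset_value, ef_after), aro_after)
    return ControlDecision(ale_before, ale_after, annual_control_cost)


# Constructed scenario: a $400,000 database server hit by ransomware about
# once every two years (ARO 0.5), losing half its value per incident.
# Candidate control: offline backups plus EDR, $60,000 up front over a
# 3-year life plus $10,000/year to operate; it cuts the per-incident loss
# to 12.5% of asset value but does not change how often incidents occur.
SCENARIO = dict(asset_value=400_000.0, ef_before=0.5, aro_before=0.5,
                ef_after=0.125, aro_after=0.5)
BACKUP_CONTROL_COST = annualize_control_cost(60_000.0, 3, 10_000.0)   # 30,000/yr
# A more expensive alternative with the same risk reduction, for contrast.
PREMIUM_CONTROL_COST = annualize_control_cost(240_000.0, 3, 10_000.0)  # 90,000/yr

if __name__ == "__main__":
    for label, cost in (("backups+EDR", BACKUP_CONTROL_COST),
                        ("premium suite", PREMIUM_CONTROL_COST)):
        d = evaluate_control(annual_control_cost=cost, **SCENARIO)
        print(f"{label}: ALE {d.ale_before:,.0f} -> {d.ale_after:,.0f}, "
              f"reduction {d.ale_reduction:,.0f}, cost {cost:,.0f}/yr, "
              f"justified={d.justified}, ROSI={d.rosi:.2f}")
```

Running it shows the cheaper control is justified (ALE falls from 100,000 to 25,000 against a 30,000 annual cost, ROSI 1.5) while the premium option is not (90,000 a year for the same 75,000 reduction). The comparison only holds when both sides are annual figures, which is why the capital cost is divided over the control's lifetime first.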
Risk = Threat x Vulnerability x Impact
Used in both qualitative (ordinal scales such as low/medium/high) and quantitative (numeric) risk assessment. Threat is the likelihood that an attack is attempted, vulnerability is the likelihood that the attempt succeeds, and impact is the resulting damage; if any factor is zero there is no risk, which is why removing a vulnerability or reducing impact each lowers risk even when the threat remains.
| Function | Key Categories | Purpose |
|---|---|---|
| Identify | Asset Management, Risk Assessment, Governance | Understand the organizational context and risk landscape |
| Protect | Access Control, Data Security, Training, Maintenance | Implement safeguards to ensure service delivery |
| Detect | Anomalies & Events, Continuous Monitoring, Detection Processes | Identify cybersecurity events in a timely manner |
| Respond | Response Planning, Communications, Mitigation, Analysis | Take action on detected cybersecurity events |
| Recover | Recovery Planning, Improvements, Communications | Restore capabilities impaired by cybersecurity events |
The five core functions of the NIST Cybersecurity Framework (version 1.1), in order. Remember: 'I Protect, Detect, Respond, Recover.' Note that NIST CSF 2.0 (2024) adds Govern as a sixth function and moves governance out of Identify, so check which version an exam or policy references.
The three pillars of information security (the CIA triad). Confidentiality = prevent unauthorized disclosure. Integrity = prevent unauthorized or undetected modification. Availability = ensure authorized users can access systems and data when needed.