Blog

The threats-vulnerabilities-assets (TVA) worksheet is a document that shows a comparative ranking of prioritized assets against prioritized threats, with an indication of any vulnerabilities in the asset/threat pairings.

According to Sun Tzu, if you know yourself and know your enemy, you have an average chance to be successful in an engagement.

In a ________, assets or threats can be prioritized by identifying criteria with differing levels of importance, assigning a score for each of the criteria, and then summing and ranking those scores.

A disaster is any adverse event that could result in loss of an information asset or assets, but does not currently threaten the viability of the entire organization.

In a cost-benefit analysis, a single loss expectancy (SLE) is the calculated value associated with the most likely loss from an attack; the SLE is the product of the asset’s value and the annualized loss expectancy.

Authentication is the process of validating and verifying an unauthenticated entity’s purported identity.

A content filter is essentially a set of scripts or programs that restricts user access to certain networking protocols and Internet locations.

Firewalls can be categorized by processing mode, development era, or structure.

Cost-benefit analyses (CBAs) cannot be calculated after controls have been functioning for a time, as observation over time prevents precision in evaluating the benefits of the safeguard and determining whether it is functioning as intended.

A security policy should begin with a clear statement of purpose.