===== Domain 1. Security and Risk Management =====

==== Information Security Concepts ====

  * [[CIA]]
    * [[Confidentiality]] ([[機密性]])
    * [[Integrity]] ([[完全性]])
    * [[Availability]] ([[可用性]])
  * Identity and [[AAA]]
    * Identity
    * Authentication ([[認証]])
    * Authorization ([[認可]])
    * Accountability (traceability of responsibility; duty to explain)
  * Non-repudiation ([[否認防止]])
  * Least Privilege ([[最小権限]])
  * [[Subjects and Objects]]
  * [[Defense-in-Depth]] ([[多層防御]])
  * [[Due Care and Due Diligence]]
  * [[Gross Negligence]]
  * [[Legal and Regulatory]] ([[法律、規制]])

==== Terminology ====

  * [[Annualized Loss Expectancy]]
  * [[Threat]]
  * [[Vulnerability]]
  * [[Risk]]
  * [[Safeguard]]
  * [[TCO]] (Total Cost of Ownership)
  * [[ROI]] (Return on Investment)