domain_1.security_and_risk_management

Table of Contents

Domain 1.セキュリティとリスクマネジメント
- 情報セキュリティの概念
- 用語

Domain 1.セキュリティとリスクマネジメント

情報セキュリティの概念

CIA
- Confidentiality (機密性)
- Integrity (完全性)
- Availability (可用性)
Identity and AAA
- Identity
- Authentication (認証)
- Authorization (認可)
- Accountability (責任追跡性・説明責任)
Non-repudiation (否認防止)
Least Privilege (最小権限)
Subjects and Objects
Defense-in-Depth (多層防御)
Due Care and Due Diligence
Gross Negligence (重過失)
Legal and Regulatory (法律、規制)

用語

Annualized Loss Expectancy
Threat
Vulnerability
Risk
Safeguard
TCO (Total Cost of Ownership)
ROI (Return on Investment)