Information Assurance Crossword Puzzle

1234567891011121314151617181920
Across
  1. 8. Many corporate data centers and high-end desktops use purpose-built chipsets. The security reviews and patch releases for these solutions are often not as rigorous as mass-market products, making them easy targets for hackers.
  2. 11. Metrics must be quantifiable, measured in concrete numbers, such as the number of successful phishing attempts or percentage reduction in system downtime.
  3. 13. Metrics should be realistic and attainable within the existing resources and capabilities of the organization, ensuring that data can be collected accurately.
  4. 16. Relates to the underlying technological infrastructure supporting information assurance.
  5. 17. The process of designating information as having a certain level of sensitivity, such as Unclassified, Confidential, Secret, or Top Secret.
  6. 19. IDSs use a combination of signature-based and anomaly-based detection.
  7. 20. The frequency of metric reporting should be timely, aligning with the rate of change expected from the underlying data or the goals they represent. For example, real-time reporting for active security incidents.
Down
  1. 1. IDSs can generate false positives, which are alerts that are triggered by legitimate activity. False positives can be time-consuming and costly to investigate.
  2. 2. Ensures the originator of a message or transaction may not later deny action
  3. 3. Why has the policy been created and how does the company benefit?
  4. 4. A repeatable metric should have a clear and consistent definition, allowing different staff members to gather and report data in the same manner, ensuring uniformity in measurement.
  5. 5. This policy outlines the organization's overall security goals and objectives. It also defines the specific security controls that must be implemented to protect the organization's assets.
  6. 6. Proving the genuineness of facts or documents.
  7. 7. Who is held accountable for the proper implementation of the policy?
  8. 9. Many companies leave the default passwords as-is when they install low-cost IoT devices out of the box. They then add these devices to their networks without considering the risks they may pose.
  9. 10. Keeping information secret or private.
  10. 12. Ensuring information can be used or obtained when needed.
  11. 14. A statement of who issued the policy and how that person has the authority to define and enforce the policy.
  12. 15. IDSs need to be tuned to the specific environment in which they are deployed. This can be a complex and time-consuming process.
  13. 18. It also involves provisions for the restoration of information systems in case of incidents or breaches, ensuring continuity