CIS 27 Chapter 1

123456789101112131415161718192021222324252627282930
Across
  1. 2. software embedded into hardware
  2. 4. unskilled attackers
  3. 6. pose a threat from the position of a trusted entity
  4. 7. only authorized parties can view the information
  5. 9. Preselected options for authentication
  6. 12. Software in which no additional processes
  7. 16. Controls that provide an alternative to normal controls
  8. 17. End of a product’s manufacturing lifespan
  9. 18. Erroneous technology settings
  10. 19. unauthorized copying of data
  11. 22. Individual or entity who is responsible for attacks
  12. 25. Unnecessary ports that are not disabled
  13. 27. Safeguard employed within an enterprise to protect the CIA of information
  14. 28. Timely, reliable access to authorized information
  15. 29. Network that moves a product from its creation to the end-user
  16. 30. outsourcing the responsibility of a IT resources
Down
  1. 1. Businesses that furnish solutions or services to users and organizations
  2. 3. Process of bypassing corporate approval for technology purchases
  3. 5. Vulnerability for which there are no days of advanced warning
  4. 8. no unauthorized person or malicious software has altered the data
  5. 10. Provides framework to control access to resources
  6. 11. Threat actor's motivation of sound moral principles
  7. 13. Erroneous technology settings.
  8. 14. older hardware platform
  9. 15. discourage security violation before they occur
  10. 17. Secretly gathering information for a rival
  11. 20. mitigate or lessen the damage caused by the incident
  12. 21. software update is infected with malware
  13. 23. Threat actors who are strongly motivated by philosophical or political beliefs.
  14. 24. Verifying the identity of a user or process
  15. 26. Threat actors who are employed by their own government to carry out attacks.