Cyber Security Incident Management

123456789101112131415
Across
  1. 3. An alert that incorrectly indicates that malicious activity is occurring (two words)
  2. 6. A weakness in a system, application, or network that is subject to exploitation or misuse
  3. 11. Measuring the characteristics of expected activity so that changes to it can be more easily identified
  4. 12. An attempt to trick someone into revealing information (eg, a password) that can be used to attack systems or networks (two words)
  5. 14. A sign that an incident may have occurred or may be currently occurring
  6. 15. Monitoring resources to determine typical utilization patterns so that significant deviations can be detected
Down
  1. 1. A recognizable, distinguishing pattern associated with an attack, such as a binary string in a virus or a particular set of keystrokes used to gain unauthorized access to a system
  2. 2. A violation or imminent threat of violation of computer security policies, acceptable use policies, or standard security practices
  3. 4. The mitigation of violations of security policies and recommended practices (two words)
  4. 5. Software that automates the process of monitoring the events occurring in a computer system or network and analyzing them for signs of possible incidents and attempting to stop detected possible incidents
  5. 7. The potential source of an adverse event
  6. 8. A capability set up for the purpose of assisting in responding to computer security-related incidents
  7. 9. A sign that an attacker may be preparing to cause an incident
  8. 10. A virus, worm, Trojan horse, or other code-based malicious entity that successfully infects a host
  9. 13. Any observable occurrence in a network or system