Security Plus

123456789101112131415161718192021222324
Across
  1. 4. Security controls that psychologically discourage attackers
  2. 6. Tricking targets into interacting with malicious resources disguised as trusted ones
  3. 8. Tracking and alerting on the usage of resources
  4. 10. Identifying deviations between current security systems and framework requirements
  5. 14. The path or tool used by a threat actor to execute an attack
  6. 16. Protecting data resources from unauthorized access, attack, theft, or damage
  7. 17. Determining and enforcing rights on resources
  8. 18. Security controls that enforce rules of behavior, policies, and procedures
  9. 21. Security controls that eliminate or reduce the likelihood of an attack succeeding
  10. 22. Ensuring that a person cannot deny performing an action
  11. 23. Creating an account or ID representing the user, device, or process
  12. 24. Ensuring information is accessible to authorized users when needed
Down
  1. 1. Ensuring data is stored and transferred as intended, without unauthorized modifications
  2. 2. Security controls implemented primarily by people
  3. 3. Proving the identity of a subject attempting to access a resource
  4. 5. Security controls that eliminate or reduce the impact of a security policy violation
  5. 7. Security controls that substitute for principal controls to provide equivalent protection
  6. 9. Security controls that identify and record attempted or successful intrusions
  7. 11. Ensuring information can only be read by authorized individuals
  8. 12. Security controls that provide oversight of the information system
  9. 13. The level of hazard posed by vulnerabilities and threats
  10. 14. Security controls implemented as hardware, software, or firmware
  11. 15. The potential for someone or something to exploit a vulnerability and breach security
  12. 19. A weakness that can be accidentally triggered or intentionally exploited
  13. 20. Security controls that deter and detect access to premises and hardware