U11 - Technical Language used in reports

1234567891011121314151617181920212223242526272829
Across
  1. 1. Significant damage requiring substantial resources to resolve. (Risk severity)
  2. 3. International standard for managing information security. (compliance framework)
  3. 4. (8,6) A trustworthy origin of information or evidence. (Reliability)
  4. 9. Formal rules and guidelines for secure system use and behaviour. (Administrative controls)
  5. 10. A potential event or action that could cause harm to systems, data, or operations. (Risk Assessment)
  6. 11. A weakness in a system or process that can be exploited by a threat. (Risk Assessment)
  7. 13. Video surveillance used to monitor and record physical activity. (Physical control)
  8. 15. Noticeable disruption but recoverable without major cost. (Risk severity)
  9. 16. (8,9) Assurance that evidence remains unchanged and reliable. (Forensic Analysis)
  10. 19. (6,6,4) A locked and restricted area for housing critical hardware. (Physical control)
  11. 20. Verification that data or evidence is genuine. (Reliability)
  12. 22. (5,2,7) Documentation showing who handled evidence and when. (Forensic Analysis)
  13. 24. (9,6) Authentication using unique biological traits like fingerprints. (Physical control)
  14. 26. (4,10,3,4) UK law that governs the collection, processing, and use of personal data; works with UK GDPR and grants individuals rights over their data. (compliance framework)
  15. 27. EU regulation governing personal data protection and privacy. (compliance framework)
  16. 28. The level of damage or disruption that a successful attack or incident would cause. (Risk Assessment)
  17. 29. (3,4) A record of system events and activities for analysis. (Forensic Analysis)
Down
  1. 2. (8,8) A structured approach to detect, contain, and recover from security incidents. (Administrative controls)
  2. 5. (5-6,14) A login method requiring two or more verification factors. (Technical control)
  3. 6. Actions taken to reduce the impact of a threat. (Incident Review & Security Report)
  4. 7. The probability that a threat will exploit a vulnerability. (Risk Assessment)
  5. 8. (10,8) Steps implemented to stop incidents before they occur. (Incident Review & Security Report)
  6. 12. Critical impact causing severe operational or financial loss. (Risk severity)
  7. 13. (8,6,3,4) UK law criminalizing unauthorized access and misuse of computer systems.(compliance framework)
  8. 14. (8,4) The remaining risk after controls have been applied. (Incident Review & Security Report)
  9. 17. The process of converting data into a coded format to prevent unauthorized reading. (Technical control)
  10. 18. control Procedures that define who can view or use resources.(Administrative controls)
  11. 21. (6-5)Designed to prevent unauthorized alteration. (Reliability)
  12. 23. A network security device that filters traffic to block unauthorized access. (Technical control)
  13. 25. A date and time marker showing when an event occurred. (Forensic Analysis)
  14. 29. Minimal impact on operations; easily managed. (Risk severity)