Across
- 2. Assessment approach based on numbers.
- 3. A plan that addresses the impact level of the availability objective.
- 6. The first step in a process that defines the impact levels of the CIA.
- 7. An attempted security violation.
- 9. Weakness in an information system.
- 13. The acronym of a framework that manages risk.
- 14. A measurement of extent of a threat.
- 15. Unauthorized modification.
- 17. Any person with authorized access to a system.
Down
- 1. Assessment approach based on non-numerical values.
- 3. The practice of protecting HW, SW, and data.
- 4. Unauthorized disclosure.
- 5. Reliable and timely access to resources.
- 8. The practice of using email or fake websites to do something malicious.
- 10. A successful security violation.
- 11. Technical artifacts or events that suggest an attack is imminent.
- 12. Event with the potential to impact an organization.
- 16. The acronym of an analysis that is a key step in planning for key mission components of an IS.