Protective Security Requirements Crossword

Across
  2. An acronym for the plan that helps ensure critical systems and services are maintained in crises.
  6. Disabling these in MS Word is good security practice.
  11. The agency executive with overall responsibility for security.
  13. Business ________ Level
  16. Head of information security in an organisation.
  17. A security classification indicating that compromise of this information could cause exceptionally grave damage to the national interest. (3,6)
  20. Actions taken to lessen the likelihood and/or consequences associated with risks.
  21. Acronym for the multi-disciplinary approach to deterring opportunistic criminal behaviour through environmental design.
  22. These provide step-by-step guides to undertaking information security related tasks and processes.
  24. A source that has the potential or intent to do harm.
  26. Information requiring special protection through separation (12,11).
  28. Grade of container required to secure TS in a SCIF (5,1)
  30. A process to identify and control threats to assets. (4,10)
  34. A document describing the characteristics of a proposed operation, process or system and their use (abbr).
  35. Indicates that the information is specific to a certain interest, requiring need-to-know access.
  36. Process of validating your access to a system.
Down
  1. The PSR contains ___________ on governance and assurance processes and controls based on comprehensive risk and threat assessments, research and environmental monitoring.
  3. _____ computing is a type of Internet-based computing that provides shared computer processing resources and data to computers and other devices on demand.
  4. Updating software to the latest version, normally to fix bugs and security holes.
  5. Acronym for the agency officer responsible for the security of people, information, and/or assets at an event.
  7. The formal authority to operate an information system or site, requiring the acceptance of residual risks.
  8. A multi-layered, systematic approach to security in which security countermeasures are combined to support and complement each other. (8,2,5)
  9. Acronym for the list of all security products that can be used to protect classified material.
  10. This type of plan is used to ensure that security incidents are appropriately managed. (8,8)
  12. Any area, room(s), building or installation that handles classified information (8,4).
  13. Acts as a conduit for security guidance between the CISO and the system admins.
  14. Agency required to provide guidance and assistance to departments on matters relating to the security of classified information.
  15. Information __________ is confidence in the governance of information systems and that effective security measures are implemented.
  18. Collects and analyses system security logs.
  19. The formal assertion that an information system complies with minimum standards and agreed design, including any security requirements.
  23. If you back up to ______ storage, your system will be resilient against ransomware.
  25. Disabling any unnecessary features and services in a system or application.
  27. Acronym for the best practice approach to identifying and reducing potential security risks.
  29. Abbreviated name for what is used to describe the implementation and operation of controls derived from the NZISM within the system.
  31. Any accredited area where Sensitive Compartmented Information is handled.
  32. The periodic review and validation of security measures.
  33. Abbreviation for cryptologic equipment approved to handle classified material.