Incident Response and IAM Flashcards
Hard
Spaced repetition with the SM-2 algorithm — grade each card and PlayPrepHQ schedules it to resurface right before you'd forget it.
Terms in this set
- Forensics: Collecting and analyzing evidence from systems in a defensible, repeatable way.
- Recovery: Restoring systems and data to normal operations after an incident or outage.
- Detection: Identifying that an incident or anomaly has occurred.
- Response: Taking action on a confirmed incident — investigate, contain, eradicate, recover, learn.
- Containment: Limiting the spread or impact of an active incident.
- Eradication: Removing the threat and all traces of the attacker from the environment.
- Quarantine: Isolating a suspect file, system, or user pending investigation.
- Incident: A confirmed security event that violates policy or threatens confidentiality, integrity, or availability.
- Password: A secret string used to authenticate identity — the most common 'something you know' factor.
- Smart Card: A tamper-resistant card holding cryptographic credentials, used with a reader for authentication.
- SSO: Single Sign-On — one authentication grants access to multiple integrated applications.
- CVE: Common Vulnerabilities and Exposures — a unique identifier for a publicly disclosed vulnerability.
- CVSS: Common Vulnerability Scoring System — a 0-10 severity score for vulnerabilities.