diff options
| -rw-r--r-- | learn/hacking/README.md | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/learn/hacking/README.md b/learn/hacking/README.md index 7e7cedb..86818b4 100644 --- a/learn/hacking/README.md +++ b/learn/hacking/README.md @@ -292,11 +292,17 @@ an incident has been fully resolved before sharing details of it with others. technical transport mechanisms for enabling info exchange to occur in an automated fashion. +Risk Management + +Risk mgmt is the ongoing process of identifying, assessing, and responding to +risk. + ## Glossary * ACL: Access Control List * APT: Advanced Persisten Threat * AUP: Acceptable Usage Policy +* CEA: Cybersecurity Enhancement Act * CIA: Confidentiality, Integrity, Availability * CIRT: Computer Incident Response Team * CISO: Chief Information Security Officer @@ -308,6 +314,7 @@ an incident has been fully resolved before sharing details of it with others. * IOC: Indicator of Compromise * IR: Incident Response * NIDS: Network Intrustion Detection System +* NIST: National Institute of Standards and Technology * PE: Portable Executable * PII: Personally Identifiable Information * PR: Public Relations @@ -331,3 +338,4 @@ an incident has been fully resolved before sharing details of it with others. * [Intel Driven Defense](https://www.lockheedmartin.com/content/dam/lockheed-martin/rms/documents/cyber/LM-White-Paper-Intel-Driven-Defense.pdf) * [IR Stages](https://www.secureworks.com/blog/incident-response-life-cycle-phases-for-effective-ir) * [NIST IR Guide](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r2.pdf) +* [Framework for Improving Critical Infrastructure](https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.04162018.pdf) |