
National Institute of Standards and Technology (NIST) Cyber Security Framework and Terminologies

Explain the functions of the NIST cyber security framework and how it can assist organizations in protecting themselves from cyber threats.


Added on  2022-12-22

About This Document

This document provides an overview of the National Institute of Standards and Technology (NIST) Cyber Security Framework and explains important terminologies in cyber security. It discusses the functions of the NIST framework and how it can assist organizations in protecting themselves from cyber threats. It also defines and explains terminologies such as information security, incident response standards, threat actors, threat vectors, and more. Additionally, the document explores the importance of having a professional cyber security officer on staff. The content is relevant to the subject of cyber security and is suitable for individuals studying or working in this field.

Cyber security
Table of Contents
TASK 1
TASK 2
TASK 3
REFERENCES
TASK 1
1.1 What is the National Institute of Standards and Technology (NIST) cyber security framework and
what are its functions? How can it assist organisations to protect themselves from cyber threats?
(max 150 words)
It is a computer security policy framework consisting of guidelines on how private companies in the US can enhance their security. It also enables organisations to detect, prevent and respond to cyber attacks (El Mrabet et al., 2018). It is a set of practices, standards and recommendations that help companies improve their cyber security measures. Its 5 functions are defined below:
Identify – this enables companies to manage cyber security risk to people, data, etc.
Protect – it outlines safeguards to ensure delivery of infrastructure services.
Detect – it lays down activities to find out the risk of a cyber security event.
Respond – here relevant measures are taken to detect a cyber security incident.
Recover – the activities by which services impaired during an event are restored.
It assists organisations by giving them a framework and guidelines to follow to protect their networks from attacks and take relevant measures to improve them.
1.2 Define/explain each of the following terminologies in your own words: (max 50 words each)
Information Security – It refers to the practice of preventing the access, use or recording of information that is being shared. Basically, it means protecting data and information from unauthorized access and maintaining its confidentiality.
Incident Response Standards – This is the process through which an incident is detected and responded to by organizations in cyber security. It has 4 stages: preparation, detection, containment and recovery. NIST has set this framework.
Threat Actors – They are groups, individuals, states, etc. whose main purpose is to take advantage of security or technology in order to gain access to confidential data or information on a network, device, etc. Examples include hackers, cyber criminals and state actors (Gunduz and Das, 2020).
Threat Vectors – It defines a path or way by which cyber criminals gain access into a computer system through 1 of 6 routes. This is done by exploiting a vulnerability in the route. The 6 main routes are email, user, network, mobile, remote access and web application.
Threat Goals – It is the goal an attacker wants to accomplish by compromising a system. The goal can be to access information, obtain user IDs and passwords, etc. Threat goals depend on the needs of the attacker.
Logical access control – These are controls that either prevent or allow access to resources once a user's identity has already been established. They only allow users the access they need to perform their duties (Lallie et al., 2021).
Physical access control – It is the restriction of access to a physical space within an organization. The access can be to a room, building, IT asset, etc. It also keeps a record of who has entered or exited.
Firewall – It is a network security device that monitors and filters incoming and outgoing network traffic based on an organization's security policies. Basically, it is a barrier between the internet and a private network. It also blocks unnecessary traffic from entering the network.
Gateway – It is a network node that connects two networks with different transmission protocols. Gateways are the entry and exit points of a network, through which data passes as per the gateway's route. It simplifies network connection into one device.
Botnets – A botnet is a group of internet-connected devices, each running one or more bots. Botnets perform distributed denial of service attacks, steal data, send spam, and allow the attacker to access the device and its connection.
Cyber Kill chain – It is a series of steps that trace the stages of a cyberattack from the early reconnaissance stages to the exfiltration of data. It helps us understand and combat ransomware, security breaches, and advanced persistent attacks (Srinivas et al., 2019).
IAM – It defines and manages the roles and access privileges of individual network users and the circumstances in which users are granted privileges. It provides each individual with a digital identity one time.