"A control, method, technique, or procedure that is put into place to prevent a threat agent from exploiting a vulnerability. A countermeasure is put into place to mitigate risk. Also called a safeguard or control." (Shon Harris & Fernando Maymi, "CISSP All-in-One Exam Guide" 8th Ed., 2018)
"A defensive mechanism intended to address a class of attack." (O Sami Saydjari, "Engineering Trustworthy Systems: Get Cybersecurity Design Right the First Time", 2018)
"An action, a device, a procedure, or a technique that reduces a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that corrective action can be taken." (William Stallings, "Effective Cybersecurity: A Guide to Using Best Practices and Standards", 2018)
"Countermeasures are steps that can be taken, and systems that can be implemented, to prevent internal and external threats from accessing your data and causing issues." (Michael Coles & Rodney Landrum, , "Expert SQL Server 2008 Encryption", 2008)
"Used to refer to any type of control" (ITIL)
No comments:
Post a Comment