Official (ISC)² CISSP (All Domains) WITH COMPLETE SOLUTIONS 100%
- Administrative Controls - ANSWER Procedures implemented to define the roles, responsibilities, policies, and administrative functions needed to manage the control environment.
- Annualized Rate of Occurrence (ARO) - ANSWER An estimate of how often a threat will be successful in exploiting a vulnerability over the period of a year.
- Arms Export Control Act of 1976 - ANSWER Authorizes the President to designate those items that shall be considered as defense articles and defense services and to control their import and export.
- Availability - ANSWER The principle that ensures that information is available and accessible to users when needed.
- Breach - ANSWER An incident that results in the disclosure or potential exposure of data.
- Compensating Controls - ANSWER Controls that substitute for the loss of primary controls and mitigate risk down to an acceptable level.
- Compliance - ANSWER Actions that ensure behavior that complies with established rules.
- Confidentiality - ANSWER Supports the principle of "least privilege" by providing that only authorized individuals, processes, or systems should have access to information on a need-to-know basis.
- Copyright - ANSWER Covers the expression of ideas rather than the ideas themselves; it usually protects artistic property such as writing, recordings, databases, and computer programs.
- Corrective Controls - ANSWER Controls implemented to remedy circumstances, mitigate damage, or restore controls.
- Data Disclosure - ANSWER A breach for which it was confirmed that data was actually disclosed (not just exposed) to an unauthorized party.
- Detective Controls - ANSWER Controls designed to signal a warning when a security control has been breached.
- Deterrent Controls - ANSWER Controls designed to discourage people from violating security directives.
- Directive Controls - ANSWER Controls designed to specify acceptable rules of behavior within an organization.
- Due Care - ANSWER The care a "reasonable person" would exercise under given circumstances.
- Due Diligence - ANSWER Similar to due care, with the exception that it is a pre-emptive measure taken to avoid harm to other persons or their property.
- Enterprise Risk Management - ANSWER A process designed to identify potential events that may affect the entity, manage risk so it is within its risk appetite, and provide reasonable assurance regarding the achievement of entity objectives.
- Export Administration Act of 1979 - ANSWER Authorized the President to regulate exports of civilian goods and technologies that have military applications.
- Governance - ANSWER Ensures the business focuses on core activities, clarifies who in the organization has the authority to make decisions, determines accountability for actions and responsibility for outcomes, and addresses how expected performance will be evaluated.
- Incident - ANSWER A security event that compromises the confidentiality, integrity, or availability of an information asset.
- Integrity - ANSWER Comes in two forms: making sure that information is processed correctly and not modified by unauthorized persons, and protecting information as it transits a network.
- Information Security Officer - ANSWER Accountable for ensuring the protection of all of the business information assets from intentional and unintentional loss, disclosure, alteration, destruction, and unavailability.
- Least Privilege - ANSWER Granting users only the accesses that are required to perform their job functions.
- Logical (Technical) Controls - ANSWER Electronic hardware and software solutions implemented to control access to information and information networks.
- Patent - ANSWER Protects novel, useful, and nonobvious inventions.
- Physical Controls - ANSWER Controls to protect the organization's people and physical environment, such as locks, fire management, gates, and guards; physical controls may be called "operational controls" in some contexts.
Written for
- Institution
- CISSP - Certified Information Systems Security Professional
- Course
- CISSP - Certified Information Systems Security Professional
Document information
- Uploaded on
- 25 October 2023
- Number of pages
- 27
- Written in
- 2023/2024
- Type
- Exam (worked answers)
- Contains
- Questions and answers