(ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
CISSP

Accountability ANSWER: Holds individuals accountable for their actions

Accountability Principle ANSWER: OECD Privacy Guideline principle which states individuals should have the right to challenge the content of any personal data being held, and have a process for updating their personal data if found to be inaccurate or incomplete

Act honorably, justly, responsibly, and legally ANSWER: Second canon of the (ISC)2 Code of Ethics

Administrative Law ANSWER: Law enacted by government agencies, aka regulatory law

Advance and protect the profession ANSWER: Fourth canon of the (ISC)2 Code of Ethics

Agents of law enforcement ANSWER: Private citizens carrying out actions on the behalf of law enforcement

AIC triad ANSWER: The three security principles: availability, integrity, and confidentiality.

ALE/Annualized Loss Expectancy ANSWER: The cost of loss due to a risk over a year

Annualized loss expectancy (ALE) ANSWER: A dollar amount that estimates the loss potential from a risk in a span of a year. Single Loss Expectancy (SLE) x annualized rate of occurrence (ARO) = ALE

Annualized Rate of Occurrence (ARO) ANSWER: The value that represents the estimated possibility of a specific threat taking place within a one-year timeframe.

Antivirus Software ANSWER: Software designed to prevent and detect malware infections

ARO/Annual Rate of Occurrence ANSWER: The number of losses suffered per year

Attack ANSWER: An attempt to bypass security controls in a system with the mission of using that system or compromising it. An attack is usually accomplished by exploiting a current vulnerability.

Authentication ANSWER: Proof of an Identity claim

Authorization ANSWER: Actions an individual can perform on a system

AV/Asset Value ANSWER: The Value of a protected asset

Availability ANSWER: The reliability and accessibility of data and resources to authorized identified individuals in a timely manner.

Availability ANSWER: Assures information is available when needed

Awareness ANSWER: Security Control designed to change user behavior

Background checks ANSWER: A Verification of a person's background and experience, Also called pre-
Written for
- Institution: CISSP - Certified Information Systems Security Professional
- Course: CISSP - Certified Information Systems Security Professional

Document information
- Uploaded on: April 3, 2024
- Number of pages: 70
- Written in: 2023/2024
- Type: Exam (elaborations)
- Contains: Questions & answers