CISMP GLOSSARY EXAM QUESTIONS AND ANSWERS WITH
COMPLETE SOLUTIONS VERIFIED
Acceptable Use Policy (AUP)
A policy used to identify what personal use of company resources is acceptable
Accountability
ability to answer for one's own actions
Active content
Content on a website that is either interactive, such as internet polls, or dynamic, such
as animated pictures, JavaScript applications or ActiveX applications
anti-virus
Software designed to negate or destroy a computer virus
Assets
Something that has a value to an organisation
Asymmetric cryptography
A cryptographic system requiring two separate keys, one of which is secret and one of
which is public
Authentication
The assurance that a person or entity is who they claim to be
Authorisation
An official sanction that an individual is permitted to carry
out a task or to have access to information
, availability
The property of being accessible where and when required by an authorised person,
entity or process
Backdoor
A method of bypassing normal authentication methods, securing illegal remote access
to a computer
Baseline controls
Standards that are used to define how systems should be configured and managed
securely
Biometrics
the distinctive, measurable characteristics used to label, describe and identify
individuals, fingerprints, palm veins, face recognition, palm print, hand geometry, iris
recognition, retina, odor/scent, voice, and gait. Behavioral characteristics
Bring your own device (BYOD)
A scheme adopted by some organisations that permits staff to use their own desktop
and laptop computers, tablets and smartphones instead of, or as well as, those provided
by the organisation
Business continuity
The ability of an organisation to continue to function in order to deliver its products or
services at an acceptable level following a business disruption
Business Impact Analysis (BIA)
The process of analysing the consequences a business disruption might have upon the
organisation's assets
COMPLETE SOLUTIONS VERIFIED
Acceptable Use Policy (AUP)
A policy used to identify what personal use of company resources is acceptable
Accountability
ability to answer for one's own actions
Active content
Content on a website that is either interactive, such as internet polls, or dynamic, such
as animated pictures, JavaScript applications or ActiveX applications
anti-virus
Software designed to negate or destroy a computer virus
Assets
Something that has a value to an organisation
Asymmetric cryptography
A cryptographic system requiring two separate keys, one of which is secret and one of
which is public
Authentication
The assurance that a person or entity is who they claim to be
Authorisation
An official sanction that an individual is permitted to carry
out a task or to have access to information
, availability
The property of being accessible where and when required by an authorised person,
entity or process
Backdoor
A method of bypassing normal authentication methods, securing illegal remote access
to a computer
Baseline controls
Standards that are used to define how systems should be configured and managed
securely
Biometrics
the distinctive, measurable characteristics used to label, describe and identify
individuals, fingerprints, palm veins, face recognition, palm print, hand geometry, iris
recognition, retina, odor/scent, voice, and gait. Behavioral characteristics
Bring your own device (BYOD)
A scheme adopted by some organisations that permits staff to use their own desktop
and laptop computers, tablets and smartphones instead of, or as well as, those provided
by the organisation
Business continuity
The ability of an organisation to continue to function in order to deliver its products or
services at an acceptable level following a business disruption
Business Impact Analysis (BIA)
The process of analysing the consequences a business disruption might have upon the
organisation's assets
