Glossary 1
Acceptable use: A policy used to identify what personal use of company resources is
acceptable
Accountability: The attribute of having to answer for one’s actions
Accredited: Acknowledgement by an official body that an individual or entity has met
predefined criteria
Active content: Content on a website that is either interactive, such as internet polls, or
dynamic, such as animated pictures, JavaScript applications or ActiveX applications
Analysis: The detailed examination of the elements or structure of an entity
Anti-virus: Software designed to negate or destroy a computer virus
Assessment: An estimation of the nature or quality of an entity
Asset: Something that has a value to an organisation
Assurance: A positive acknowledgement designed to provide confidence
Asymmetric cryptography: A cryptographic system requiring two separate keys, one of
which is secret and one of which is public
Audit: A formal inspection of an organisation’s processes or procedures
Authentication: The assurance that a person or entity is who they claim to be
Authorisation: An official sanction that an individual is permitted to carry out a task or
to have access to information
Availability: The property of being accessible where and when required by an
authorised person, entity or process
Backdoor: A method of bypassing normal authentication methods, securing illegal
remote access to a computer
Baseline controls: Standards that are used to define how systems should be
configured and managed securely
Glossary 2
Biometrics: Biometric identifiers are the distinctive, measurable characteristics used to
label, describe and identify individuals
Bring your own device (BYOD): A scheme adopted by some organisations that
permits staff to use their own desktop and laptop computers, tablets and smartphones
instead of, or as well as, those provided by the organisation
Business continuity: The ability of an organisation to continue to function in order to
deliver its products or services at an acceptable level following a business disruption
Business impact analysis: The process of analysing the consequences a business
disruption might have upon the organisation’s assets
Certification: A process confirming that a person has reached a predefined level of
achievement
Classification: The arrangement of items into taxonomic groups – in the information
security context, it labels information to identify any defined processing, handling,
storage or transmission measures required to ensure appropriate security