Exam (elaborations)
CCSP - Sybex All exam questions with 100- correct answers.
- Course
- Institution
CCSP - Sybex All exam questions with 100- correct answers.
[Show more]
Content preview
CCSP - Sybex All examquestions with 100% correct
answers
acceptable use policy (AUP)
A formal statement of policy signed by management, acknowledged
by the user with their signature, and typically enforced by the
Human Resources department. The policy should state prohibited
uses such as those related to religion or topics of questionable use
and that computing resources are for company business only. The
AUP should also state the prohibition of administrative system
utilities and related system tools not specifically authorized as
contraband. This eliminates any excuses or misunderstanding and
enforces separation of duties.
access control lists (ACLs)
An access control list (ACL) specifies which users or system
processes have access to a specific object, such as an application or
process, in addition to what operations they can perform.
Advanced Encryption Standard (AES)
AES is a symmetric block type of cipher used to encrypt information.
It is currently the standard for the U.S. government in protecting
sensitive and secret documents. It is the gold standard of
encryption when implemented properly.
Amazon EC2
Amazon EC2 is a web service that provides scalable computing
capacity in the cloud. It is an example of IaaS.
annual loss expectancy (ALE)
The amount an organization should expect to lose on an annual
basis due to incidents. It is typically calculated by multiplying the
annual rate of occurrence (ARO) by the single loss expectancy (SLE).
ALE = ARO × SLE
annual rate of occurrence (ARO)
,The annual rate of occurrence (ARO) of an event or security incident
is how many times you could expect this event to occur in any given
12-month period.
anonymization
Anonymization is the act of permanently and completely removing
personal identifiers from data, such as converting personally
identifiable information (PII) into aggregated data.
Anything-as-a-Service (AaaS or XaaS)
Anything-as-a-Service, also known as AaaS or XaaS, refers to the
growing diversity of services available over the Internet via cloud
computing as opposed to residing locally or on premises.
Apache CloudStack
An open source cloud computing and Infrastructure as a Ser-vice
(IaaS) platform developed to help IaaS make creating, deploying,
and managing cloud services easier by providing a complete stack
of features and components for cloud environments.
API gateway
A device that filters API traffic. It can be either a proxy or a specific
part of your application stack that comes into play before data is
processed. Additionally, it can implement access controls, rate
limiting, logging, metrics, and security filtering.
Application Normative Framework (ANF)
A subset of an organizational normative framework (ONF) that
contains only the information required for a specific business appli-
cation to reach the targeted level of trust. There is a many-to-one
relationship between ANFs and ONFs.
application programming interfaces (APIs)
APIs are sets of routines, standards, proto-cols, and tools for
building software applications to access a web-based software
applica-tion or web tool. The two most widely used API formats
include REST and SOAP.
application security management process (ASMP)
ISO/IEC 27034-1 defines an ASMP used to manage and maintain
ANFs created in five steps: Specifying the application requirements
and environment Assessing application security risks Creating and
, maintaining the ANF, Provisioning and operating the application,
Auditing the security of the application
application virtualization
Application virtualization is a software technology that allows for
encapsulation of application software execution on an underlying
operating system.
auditability
Auditability refers to something being in the state of readiness for
audit-ing. In the context of cloud computing, it refers to the ability
of an organization to obtain specific information regarding reporting
and actions, controls, and processes.
Australian Privacy Act of 1988
APA, enacted in 1988, is an Australian regulation detailing individual
privacy safeguards. It includes laws and rules governing the
collection, use, storage, and disclosure of personal information, as
well as access to and correction of that information.
authentication
The act of identifying or verifying the eligibility of a station,
originator, or individual to access specific categories of information.
Typically, it is a measure designed to protect against fraudulent
transmissions by establishing the validity of a transmission,
message, station, or originator.
authorization
The granting of right of access to a user, program, or process.
availability
Refers to the availability of services and or data. It also represents
one leg of the three legs of the CIA Triad: confidentiality, integrity,
and availability.
Big Data
Big Data is a term used to describe extremely large datasets used to
reveal trends and otherwise undetectable patterns. Big Data is
often computationally analyzed using cloud infrastructure and
applications due to their scalability and access to large datasets.
bit splitting
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller BRAINBOOSTERS. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $15.99. You're not tied to anything after your purchase.
Can Stuvia be trusted?
4.6 stars on Google & Trustpilot (+1000 reviews)
82871 documents were sold in the last 30 days
Founded in 2010, the go-to place to buy study notes for 14 years now