CISSP EXAM QUESTIONS AND 100% CORRECT ANSWERS

  • November 1, 2024
  • 123 pages
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers
  • CISSP
  • Seller: Easton


Accountability - Answer Holds individuals accountable for their actions



Accountability Principle - Answer OECD Privacy Guideline principle which states
individuals should have the right to challenge the content of any personal data being
held, and have a process for updating their personal data if found to be inaccurate or
incomplete



Act honorably, justly, responsibly, and legally - Answer Second canon of the (ISC)2
Code of ethics



Administrative Law - Answer Law enacted by government agencies, aka regulatory law



Advance and protect the profession - Answer Fourth canon of the (ISC)2 Code of Ethics



Agents of law enforcement - Answer Private citizens carrying out actions on behalf
of law enforcement



AIC triad - Answer The three security principles: availability, integrity, and
confidentiality.



ALE/Annualized Loss Expectancy - Answer The cost of loss due to a risk over a year



Annualized loss expectancy (ALE) - Answer A dollar amount that estimates the loss potential
from a risk in a span of a year. Single Loss Expectancy (SLE) x annualized rate of
occurrence (ARO) = ALE

Annualized Rate of Occurrence (ARO) - Answer The value that represents the estimated
possibility of a specific threat taking place within a one-year timeframe.



Antivirus Software - Answer Software designed to prevent and detect malware
infections



ARO/Annual Rate of Occurrence - Answer The number of losses suffered per year



Attack - Answer An attempt to bypass security controls in a system with the mission of
using that system or compromising it. An attack is usually accomplished by exploiting a
current vulnerability.



Authentication - Answer Proof of an Identity claim



Authorization - Answer Actions an individual can perform on a system



AV/Asset Value - Answer The Value of a protected asset



Availability - Answer The reliability and accessibility of data and resources to authorized
identified individuals in a timely manner.



Availability - Answer Assures information is available when needed



Awareness - Answer Security Control designed to change user behavior



Background checks - Answer A verification of a person's background and experience,
also called pre-employment screening

Baseline - Answer Standard ways to apply a countermeasure, administrative control



Baseline - Answer The least level of security necessary to support and enforce a
security policy.



Best evidence rule - Answer Use of the best possible evidence



Best practice - Answer A collective wisdom of the best way to safeguard the
confidentiality, integrity and availability of assets



Bot - Answer A computer system infected with malware that is under the control of a
botnet



Botnet - Answer A network of computer bots controlled by human operators organized in a
central bot command and control (C&C) system



Breach notification - Answer Notification of persons whose personal data has been, or is likely to
have been, compromised



Business Impact Analysis - Answer A functional analysis performed by a team that
collects data, documents business functions, and develops a hierarchy of business
functions, applying a classification scheme to indicate each individual function's
criticality level.



CIA triad - Answer Confidentiality, Integrity and Availability



Circumstantial evidence - Answer Evidence that serves to establish the circumstances
related to particular points or even other evidence



Civil law - Answer Law that resolves disputes between individuals or organizations

Civil law (legal system) - Answer Legal system that leverages codified laws or statutes to
determine what is considered within the bounds of law



Classification - Answer Grouping objects into categories based upon some
established criteria. Data and resources can be labeled with a sensitivity level while in
creation, amendment, enhancement, storage or in transmission. This classification level
shall further dictate the level of control and security required for the resource and also
provide an indication of the value of the information asset.



Collection Limitation Principle - Answer The OECD Privacy Guideline principle that
states personal data collection should be limited, obtained in a lawful manner, and with
the knowledge and approval of the persons, unless there is a compelling reason to the
contrary.



Collusion - Answer Two or more people working together to conduct some type of
fraudulent activity. More than one person would have to collaborate to cause some type
of destruction or fraud; this drastically reduces its probability.



Color of law - Answer Acting on the authority of law enforcement



Commandments of Computer Ethics - Answer The Computer Ethics Institute code of
ethics



Common law - Answer Legal system that places great reliance on specific cases and
judicial precedent as a determinant of laws



Compensation controls - Answer Additional security controls implemented to
compensate for the weaknesses in other controls



Compensatory damages - Answer Damages as compensation



Computer crimes - Answer Crimes utilizing computers
