Week 1 Flashcards

1
Q

What year was the first edition of the CBK created?

jpresuello

A

1992

2
Q

When was CISSP certification created?

A

1994

3
Q

When was ISC2 established?

A

1989

4
Q

What is the meaning of CISSP?

A

Certified Information Systems Security Professional

5
Q

What does ISC2 mean?

A

International Information Systems Security Certification Consortium

6
Q

Is CISSP a VENDOR NEUTRAL CERTIFICATION?

A

Yes

7
Q

How many domains are covered in CISSP?

A

8 domains

8
Q

What are the 3 specific functional areas of CISSP?

A

Architecture, Engineering, Management

9
Q

What are the 8 knowledge domains of CISSP?

A

Security and Risk Management, Asset Security, Security Engineering, Communication and Network Security, Identity and Access Management, Security Assessment and Testing, Security Operations, Software Development Security

10
Q

A documented set of your organization’s information security policies, procedures, tools, controls, guidelines, and standards.

A

Security Program

11
Q

The 4 lifecycle phases of a Security Program

A

  1. Plan & organize
  2. Implement
  3. Operate & Maintain
  4. Monitor & Evaluate

12
Q

Used to determine whether security is cost effective, relevant, timely and responsive to threats

A

Risk Analysis

13
Q

Assign real and meaningful numbers (DOLLARS) to all elements of risk analysis process

A

Quantitative Risk Analysis

14
Q

Rank the seriousness of the threats and the validity of the different possible countermeasures based on opinions

A

Qualitative Risk Analysis

15
Q

An overall general statement produced by senior management that dictates what role security plays within the organization

A

Security Policy

16
Q

Mandatory activities, actions or rules

A

Standards

17
Q

Minimum level of protection required

A

Baseline

18
Q

General guide and recommended actions when a specific Standard does not apply

A

Guidelines

19
Q

Step by step detailed instruction on specific tasks

A

Procedure

20
Q

Determining vulnerabilities and risks.

A

Due Diligence

21
Q

Implementing countermeasures against risks and threats

A

Due Care

22
Q

Responsible for specific data subset

A

Data Owner

23
Q

Responsible for maintaining and protecting data/information

A

Data Custodian

24
Q

Responsible for one or more systems

A

System owner

25
Q

Responsible for properly defining business processes

A

Process owner

26
Q

Decide who can and cannot access their applications

A

Application Owner

27
Q

Anyone with a root or administrative account to a system

A

Security Administrator

28
Q

Works at the design level rather than implementation

A

Security Analyst

29
Q

Evaluates security controls within the company

A

Auditor

30
Q

Responsible for approving and rejecting change control requests

A

Change Control Analyst

31
Q

Ensures data is stored in a fashion that makes sense for the company

A

Data Analyst

32
Q

Responsible for explaining business requirements to vendors

A

Product Line Manager

33
Q

Responsible for all user activity and assets created and owned by these users

A

Supervisor

34
Q

Uses data for work-related tasks

A

User

35
Q

Works with business unit managers, data owners and senior managers to develop and deploy a solution

A

Solution Provider

36
Q

Elected individuals that oversee the fulfillment of the corporation charter

A

Board of Directors

37
Q

Day-to-day management of entire organization

A

CEO

38
Q

Day-to-day account and financial activities

A

CFO

39
Q

Responsible for information technology infrastructure

A

CIO

40
Q

Oversee appropriate handling and usage of data

A

CPO

41
Q

Responsible for understanding company specific risks and processes used to mitigate these risks

A

CSO

42
Q

A