CC Exam: Domain 1 Security Principles


US Regulations apply to an NJ organization at all levels and require compliance. What three levels is this example referring to?

National, Regional, Local

Alice, using her private key encryption, created an email to Bob that carries a digital signature authenticating that it was Alice who sent the email to Bob. Alice realizes she cannot take back her email and claim it was never sent by her. What is this an example of?

Non-repudiation

What kind of risk analysis is based on categorized levels of perceived judgements and/or perceptions?

Qualitative Risk Analysis

What kind of risk analysis is based on verified data and/or statistical knowledge?

Quantitative Risk Analysis

Biometric door locks, planned security awareness training and ACLs (access control lists) are implemented in the organization. What are these examples of?

Security Controls

An AV (attack vector) plans to exploit a weakness found in a firewall. What is this concept called?

Threat

A lack of security cameras in a physical building, an earthquake, or weak login credentials are examples of what?

Vulnerabilities

A password, a physical token and iris scan are common methods of what?

Authentication

A high likelihood, high impact rating usually results in what kind of priority level?

High Priority

The NIST (National Institute of Standards and Technology) Framework focuses on 5 core functions of being able to identify, protect, detect, respond and recover. What is another name for this kind of framework?

Standard

Let's dive into Integrity a little. Ensuring Integrity begins with an awareness of _______ when it comes to a system. Once you have that concept grasped, a baseline can be formed.

State

Jeff is an ISC(2) member who refuses to look at a file he should not have access to. What ISC2 Ethics Canon did Jeff adhere to in this scenario?

Act honorably, honestly, justly, responsibly and legally

Clever Consultants Co is an organization that has something in need of protection. What is this known as?

Asset

What is defined as timely reliable access and the ability to use information?

Availability

Who usually determines the level of risk acceptance in an organization? For example, an environmental risk of earthquake in California.

Executive/Senior management and/or Board of Directors

Sandra is an ISC(2) member who finds out that Benjamin, another ISC(2) member, has cheated on the certification exam. Sandra remembers the ___ ethics canons and decides to report the incident to ISC(2). How many canons are there in the ISC(2) Code of Ethics?

Four

An appetite for risk is usually determined by the amount of risk tolerance an organization is willing to accept. The goal of a security professional is to maintain that acceptable level. What leading risk factor usually dictates this decision when determining that level of tolerance?

Geographical Location of Organization

What part of the CIA triad measures the degree to which something is whole and complete, consistent and correct?

Integrity

PHI (Protected Health Information) or PII (Personally Identifiable Information) are terms related to which area of the CIA triad?

Confidentiality

What are the three components that make up the CIA triad?

Confidentiality, Integrity and Availability

