100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
Previously searched by you
Previously searched by you
logo
(ISC)2 Certified in Cybersecurity – Exam 2024 £11.16   Add to cart
Quickly navigate to
Preview
  2.  
  3. 2 Certified In Cybersecurity
  4.  
  5. 2 Certified in Cybersecurity

Exam (elaborations)

(ISC)2 Certified in Cybersecurity – Exam 2024
 1 view  0 purchase
  • Module
  • 2 Certified in Cybersecurity
  • Institution
  • 2 Certified In Cybersecurity

Document specific requirements that a customer has about any aspect of a vendor's service performance. A) DLR B) Contract C) SLR D) NDA - Answer C) SLR (Service-Level Requirements) _________ identifies and triages risks. - Answer Risk Assessment _________ are external forces that jeopar...

[Show more]

Preview 4 out of 94  pages

Document information

  • February 24, 2024
  • 94
  • 2023/2024
  • Exam (elaborations)
  • Questions & answers

Subjects

  • isc2 certified in cybersecurity exam 2024

Written for

  • 2 Certified in Cybersecurity
All documents for this subject (33)

Seller

avatar-seller
JUICYGRADES

Reviews received

Content preview

(ISC)2 Certified in Cybersecurity – Exam
2024

Document specific requirements that a customer has about any aspect of a vendor's service
performance.



A) DLR

B) Contract

C) SLR

D) NDA - Answer ✔✔C) SLR (Service-Level Requirements)



_________ identifies and triages risks. - Answer ✔✔Risk Assessment



_________ are external forces that jeopardize security. - Answer ✔✔Threats



_________ are methods used by attackers. - Answer ✔✔Threat Vectors



_________ are the combination of a threat and a vulnerability. - Answer ✔✔Risks



We rank risks by _________ and _________. - Answer ✔✔Likelihood and impact



_________ use subjective ratings to evaluate risk likelihood and impact. - Answer ✔✔Qualitative Risk
Assessment



_________ use objective numeric ratings to evaluate risk likelihood and impact. - Answer
✔✔Quantitative Risk Assessment



_________ analyzes and implements possible responses to control risk. - Answer ✔✔Risk Treatment

,_________ changes business practices to make a risk irrelevant. - Answer ✔✔Risk Avoidance



_________ reduces the likelihood or impact of a risk. - Answer ✔✔Risk Mitigation



An organization's _________ is the set of risks that it faces. - Answer ✔✔Risk Profile



_________ Initial Risk of an organization. - Answer ✔✔Inherent Risk



_________ Risk that remains in an organization after controls. - Answer ✔✔Residual Risk



_________ is the level of risk an organization is willing to accept. - Answer ✔✔Risk Tolerance



_________ reduce the likelihood or impact of a risk and help identify issues. - Answer ✔✔Security
Controls



_________ stop a security issue from occurring. - Answer ✔✔Preventive Control



_________ identify security issues requiring investigation. - Answer ✔✔Detective Control



_________ remediate security issues that have occurred. - Answer ✔✔Recovery Control



Hardening == Preventative - Answer ✔✔Virus == Detective



Backups == Recovery - Answer ✔✔For exam (Local and Technical Controls are the same)



_________ use technology to achieve control objectives. - Answer ✔✔Technical Controls



_________ use processes to achieve control objectives. - Answer ✔✔Administrative Controls

,_________ impact the physical world. - Answer ✔✔Physical Controls



_________ tracks specific device settings. - Answer ✔✔Configuration Management



_________ provide a configuration snapshot. - Answer ✔✔Baselines (track changes)



_________ assigns numbers to each version. - Answer ✔✔Versioning



_________ serve as important configuration artifacts. - Answer ✔✔Diagrams



_________ and _________ help ensure a stable operating environment. - Answer ✔✔Change and
Configuration Management



Purchasing an insurance policy is an example of which risk management strategy? - Answer ✔✔Risk
Transference



What two factors are used to evaluate a risk? - Answer ✔✔Likelihood and Impact



What term best describes making a snapshot of a system or application at a point in time for later
comparison? - Answer ✔✔Baselining



What type of security control is designed to stop a security issue from occurring in the first place? -
Answer ✔✔Preventive



What term describes risks that originate inside the organization? - Answer ✔✔Internal



What four items belong to the security policy framework? - Answer ✔✔Policies, Standards, Guidelines,
Procedures

, _________ describe an organization's security expectations. - Answer ✔✔Policies (mandatory and
approved at the highest level of an organization)



_________ describe specific security controls and are often derived from policies. - Answer
✔✔Standards (mandatory)



_________ describe best practices. - Answer ✔✔Guidelines (recommendations/advice and compliance
is not mandatory)



_________ step-by-step instructions. - Answer ✔✔Procedures (not mandatory)



_________ describe authorized uses of technology. - Answer ✔✔Acceptable Use Policies (AUP)



_________ describe how to protect sensitive information. - Answer ✔✔Data Handling Policies



_________ cover password security practices. - Answer ✔✔Password Policies



_________ cover use of personal devices with company information. - Answer ✔✔Bring Your Own
Device (BYOD) Policies



_________ cover the use of personally identifiable information. - Answer ✔✔Privacy Policies



_________ cover the documentation, approval, and rollback of technology changes. - Answer
✔✔Change Management Policies



Which element of the security policy framework includes suggestions that are not mandatory? - Answer
✔✔Guidelines



What law applies to the use of personal information belonging to European Union residents? - Answer
✔✔GDPR

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller JUICYGRADES. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for £11.16. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

75619 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy revision notes and other study material for 14 years now

Start selling
£11.16
  • (0)
  Add to cart