100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
Previously searched by you
Previously searched by you
logo
(ISC)2 Certified in Cybersecurity Final Exam (QUESTIONS WITH 100% CORRECT ANSWERS ) (2024 / 2025) (Verified by Experts) $19.99
Add to cart
Quickly navigate to
Preview
  2.  
  3. 2 Certified In Cybersecurity
  4.  
  5. 2 Certified in Cybersecurity

Exam (elaborations)

(ISC)2 Certified in Cybersecurity Final Exam (QUESTIONS WITH 100% CORRECT ANSWERS ) (2024 / 2025) (Verified by Experts)
 0 purchase
  • Course
  • 2 Certified in Cybersecurity
  • Institution
  • 2 Certified In Cybersecurity

Document specific requirements that a customer has about any aspect of a vendor's service performance. A) DLR B) Contract C) SLR D) NDA - ANSWER C) SLR (Service-Level Requirements) _________ identifies and triages risks. - ANSWER Risk Assessment _________ are external forces that ...

[Show more]

Preview 4 out of 70  pages

Document information

  • April 4, 2024
  • 70
  • 2023/2024
  • Exam (elaborations)
  • Questions & answers

Subjects

  • isc2 certified in cybersecurity final exam que
  • document specific requirements that a customer has
  • identifies and triages risks answer
  • are external forces that jeopardize secu

Written for

  • 2 Certified in Cybersecurity
  • 2 Certified in Cybersecurity

Seller

avatar-seller
STARSHINESTUVIA

Reviews received

Content preview

(ISC)2 Certified in Cybersecurity Final Exam (QUESTIONS
WITH 100% CORRECT ANSWERS ) ()
(Verified by Experts)

Document specific requirements that a customer has about any aspect of a vendor's
service performance.

A) DLR
B) Contract
C) SLR
D) NDA - ANSWER C) SLR (Service-Level Requirements)

_________ identifies and triages risks. - ANSWER Risk Assessment

_________ are external forces that jeopardize security. - ANSWER Threats

_________ are methods used by attackers. - ANSWER Threat Vectors

_________ are the combination of a threat and a vulnerability. - ANSWER Risks

We rank risks by _________ and _________. - ANSWER Likelihood and impact

_________ use subjective ratings to evaluate risk likelihood and impact. - ANSWER
Qualitative Risk Assessment

_________ use objective numeric ratings to evaluate risk likelihood and impact. -
ANSWER Quantitative Risk Assessment

_________ analyzes and implements possible responses to control risk. - ANSWER
Risk Treatment

_________ changes business practices to make a risk irrelevant. - ANSWER Risk
Avoidance

_________ reduces the likelihood or impact of a risk. - ANSWER Risk Mitigation

An organization's _________ is the set of risks that it faces. - ANSWER Risk Profile

_________ Initial Risk of an organization. - ANSWER Inherent Risk

_________ Risk that remains in an organization after controls. - ANSWER Residual Risk

,_________ is the level of risk an organization is willing to accept. - ANSWER Risk
Tolerance

_________ reduce the likelihood or impact of a risk and help identify issues. - ANSWER
Security Controls

_________ stop a security issue from occurring. - ANSWER Preventive Control

_________ identify security issues requiring investigation. - ANSWER Detective Control

_________ remediate security issues that have occurred. - ANSWER Recovery Control

Hardening == Preventative - ANSWER Virus == Detective

Backups == Recovery - ANSWER For exam (Local and Technical Controls are the same)

_________ use technology to achieve control objectives. - ANSWER Technical Controls

_________ use processes to achieve control objectives. - ANSWER Administrative
Controls

_________ impact the physical world. - ANSWER Physical Controls

_________ tracks specific device settings. - ANSWER Configuration Management

_________ provide a configuration snapshot. - ANSWER Baselines (track changes)

_________ assigns numbers to each version. - ANSWER Versioning

_________ serve as important configuration artifacts. - ANSWER Diagrams

_________ and _________ help ensure a stable operating environment. - ANSWER
Change and Configuration Management

Purchasing an insurance policy is an example of which risk management strategy? -
ANSWER Risk Transference

What two factors are used to evaluate a risk? - ANSWER Likelihood and Impact

What term best describes making a snapshot of a system or application at a point in time
for later comparison? - ANSWER Baselining

What type of security control is designed to stop a security issue from occurring in the
first place? - ANSWER Preventive

,What term describes risks that originate inside the organization? - ANSWER Internal

What four items belong to the security policy framework? - ANSWER Policies,
Standards, Guidelines, Procedures

_________ describe an organization's security expectations. - ANSWER Policies
(mandatory and approved at the highest level of an organization)

_________ describe specific security controls and are often derived from policies. -
ANSWER Standards (mandatory)

_________ describe best practices. - ANSWER Guidelines (recommendations/advice
and compliance is not mandatory)

_________ step-by-step instructions. - ANSWER Procedures (not mandatory)

_________ describe authorized uses of technology. - ANSWER Acceptable Use Policies
(AUP)

_________ describe how to protect sensitive information. - ANSWER Data Handling
Policies

_________ cover password security practices. - ANSWER Password Policies

_________ cover use of personal devices with company information. - ANSWER Bring
Your Own Device (BYOD) Policies

_________ cover the use of personally identifiable information. - ANSWER Privacy
Policies

_________ cover the documentation, approval, and rollback of technology changes. -
ANSWER Change Management Policies

Which element of the security policy framework includes suggestions that are not
mandatory? - ANSWER Guidelines

What law applies to the use of personal information belonging to European Union
residents? - ANSWER GDPR

What type of security policy normally describes how users may access business
information with their own devices? - ANSWER BYOD Policy

, _________ the set of controls designed to keep a business running in the face of
adversity, whether natural or man-made. - ANSWER Business Continuity Planning
(BCP)

BCP is also known as _________. - ANSWER Continuity of Operations Planning (COOP)

Defining the BCP Scope: - ANSWER What business activities will the plan cover? What
systems will it cover? What controls will it consider?

_________ identifies and prioritizes risks. - ANSWER Business Impact Assessment

BCP in the cloud requires _________ between providers and customers. - ANSWER
Collaboration

_________ protects against the failure of a single component. - ANSWER Redundancy

_________ identifies and removes SPOFs. - ANSWER Single Point of Failure Analysis

_________ continues until the cost of addressing risks outweighs the benefit. -
ANSWER SPOF Analysis

_________ uses multiple systems to protect against service failure. - ANSWER High
Availability

_________ makes a single system resilient against technical failures. - ANSWER Fault
Tolerance

_________ spreads demand across systems. - ANSWER Load Balancing

3 Common Points of Failure in a system. - ANSWER Power Supply, Storage Media,
Networking

Disk Mirroring is which RAID level? - ANSWER 1

Disk striping with parity is which RAID level? - ANSWER 5 (uses 3 or more disks to
store data)

What goal of security is enhanced by a strong business continuity program? - ANSWER
Availability

What is the minimum number of disk required to perform RAID level 5? - ANSWER 3

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller STARSHINESTUVIA. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $19.99. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

69052 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 15 years now

Start selling
$19.99
  • (0)
Add to cart
Added