100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
CISM Exam Study Guide with Complete Solutions $13.49   Add to cart

Exam (elaborations)

CISM Exam Study Guide with Complete Solutions

 8 views  0 purchase
  • Course
  • CISM
  • Institution
  • CISM

CISM Exam Study Guide with Complete Solutions Acceptable interruption window - Answer️️ -Amount of time that an organization deems acceptable for a system to be unavailable before the organization's business objectives are compromised. This is ultimately about risk management. This should b...

[Show more]

Preview 4 out of 64  pages

  • August 16, 2024
  • 64
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers
  • CISM
  • CISM
avatar-seller
OliviaWest
©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM



CISM Exam Study Guide with Complete Solutions

Acceptable interruption window - Answer✔️✔️-Amount of time that an

organization deems acceptable for a system to be unavailable before the

organization's business objectives are compromised. This is ultimately about risk

management. This should be set before an interruption occurs.


Acceptable use policy - Answer✔️✔️-A policy set by organizations on proper

system usage. An agreement between the organization and client on what is

acceptable performance and expectation of behavior and activity before gaining

access to the system. Part of the overall security documentation infrastructure.


Access controls - Answer✔️✔️-Policies and procedures that determine the

permissions, rights, and privileges of users to data, information systems, or even

the physical building of an organization. Goal: helps to ensure that only people

who are authenticated and authorized can access resources.


Access path - Answer✔️✔️-When a user requests data, the route that a computer

takes to access it. Usually through the operating system, telecommunications

software, application software, and the access control system.




1

,©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM


Access rights - Answer✔️✔️-The permissions granted to users or programs to

access, create, view, modify, or delete data or files within a system. Determined by

data owners and information security policy.


Accountability - Answer✔️✔️-Tracking online activities of a user so they are held

accountable for the actions they take on the data. It relies on effective identification

and authentication. Usually used in audit logs.


Address Resolution Protocol (ARP) - Answer✔️✔️-A basic connectivity protocol.

ARP resolves IPv4 addresses to media access control (MAC) addresses (physical

address of the computer).


Administrative control - Answer✔️✔️-The policies and procedures defined by an

organization's security policy that deals with operational effectiveness, efficiency,

and adherence to regulations and management policies. Examples of these can

include: policies, hiring practices, background checks, classifying and labeling

data, security awareness and training efforts, personnel controls, and testing.


Advance encryption standard (AES) - Answer✔️✔️-An encryption standard used in

symmetric encryption. Replaced 3DES. It is fast, efficient, and strong. Encryption

ensures the confidentiality prong of the CIA triad.




2

,©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM


Alert situation - Answer✔️✔️-When a service interruption has reached a threshold

and an organization can no longer cope with the outage, causing the organization to

escalate into an alert situation.


Algorithm - Answer✔️✔️-A mathematical procedure, a finite set of rules and step-

by-step instructions, especially one that can be followed by a computer. In

cybersecurity, we usually talk about encryption algorithms.


Alternate facilities - Answer✔️✔️-Other buildings or sites that are used in case of an

emergency or disaster situation in which data availability is decreased or lost. This

includes hot sites, warm site, cold sites, and mobile sites, that can be activated as

part of an emergency protocol. The level of preparedness varies from completely

configured with hardware and software and backup servers, to just physical

buildings. Hot sites can be ready within several minutes to an hour of need.


Alternate process - Answer✔️✔️-Steps used to continue critical business function

from point-of-failure to return-to-normal. Used after a disruption of service.


Annual loss expectancy (ALE) - Answer✔️✔️-ALE is used in quantitative risk

assessment, which uses a specific monetary amount to manage risk. The ALE is the

Single loss expectancy (SLE) x Annual rate of occurrence (ARO).




3

, ©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM


Anomaly detection - Answer✔️✔️-The process of examining the system for any

deviation from normal.


Anonymous File Transfer Protocol (AFTP) - Answer✔️✔️-A way of downloading

public files using FTP. It does not require the user to identify themselves before

accessing files. Instead, when prompted, the user can type "anonymous" as a

username and "guest" as a password. Often times, an AFTP site will not ask for a

username and password. This is a security concern, as these sites might not be

protected.


Antivirus software - Answer✔️✔️-Software installed on many points in the IT

infrastructure that protects and can eliminate virus code before damage occurs. Can

repair or quarantine infected files.


Application controls - Answer✔️✔️-Policies and procedures that ensure that

objectives of system applications are achieved.


Application layer - Answer✔️✔️-The top layer of the OSI stack, this is a service

layer that allows application programs to communicate with each other. The

application itself is not located within this level. The protocols and services

required to transmit files, exchange messages, and connect to remote terminals are




4

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller OliviaWest. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $13.49. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

79271 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$13.49
  • (0)
  Add to cart