ISACA Cybersecurity Exam
Acceptable Use policy - answer-A policy that establishes an agreement between users and the
enterprise and defines for all parties the ranges of use that are approved before gaining access to a
network or the Internet.
Access control list (ACL) - answer-An internal computerized table of access rules regarding the levels of
computer access permitted to logon IDs and computer terminals. Scope Notes: Also referred to as
access control tables.
Access rights - answer-The permission or privileges granted to users, programs or workstations to
create, change, delete or view data and files within a system, as defined by rules established by data
owners and the information security policy.
Accountability - answer-The ability to map a given activity or event back to the responsible party.
Advanced Encryption Standard (AES) - answer-A public algorithm that supports keys from 128 bits to 256
bits in size
Advanced persistent threat (APT) - answer-An adversary that possesses sophisticated levels of expertise
and significant resources that allow it to create opportunities to achieve its objectives by using multiple
attack vectors, including cyber, physical and deception. Typically, APT objectives include establishing and
extending footholds within the IT infrastructure of the targeted organizations for purposes of exfiltrating
information, or undermining or impeding critical aspects of a mission, program or organization; or
positioning itself to carry out those objectives in the future. The advanced persistent threat pursues its
objectives repeatedly, over an extended period, adapts to defenders' efforts to resist it and is
determined to maintain the level of interaction that is needed to execute its objectives. Source: NIST SP
800-39
Adversary - answer-A threat agent
Adware - answer-A software package that automatically plays, displays or downloads advertising
material to a computer after the software is installed on it or while the application is being used. Scope
Notes: In most cases, this is done without any notification to the user or without the user's consent. The
term adware may also refer to software that displays advertisements, whether or not it does so with the
user's consent; such programs display advertisements as an alternative to shareware registration fees.
These are classified as adware in the sense of advertising supported software, but not as spyware.
Adware in this form does not operate surreptitiously or mislead the user, and it provides the user with a
specific service.
Analog - answer-A transmission signal that varies continuously in amplitude and time and is generated in
wave formation. Scope Notes: Analog signals are used in telecommunications
Antimalware - answer-A widely used technology to prevent, detect and remove many categories of
malware, including computer viruses, worms, Trojans, keyloggers, malicious browser plug-ins, adware
and spyware
Antivirus software - answer-An application software deployed at multiple points in an IT architecture. It
is designed to detect and potentially eliminate virus code before damage is done and repair or
quarantine files that have already been infected.
Application layer - answer-In the Open Systems Interconnection (OSI) communications model, the
application layer provides services for an application program to ensure that effective communication
with another application program in a network is possible.
Architecture - answer-Description of the fundamental underlying design of the components of the
business system, or of one element of the business system (e.g., technology), the relationships among
them, and the manner in which they support enterprise objectives.
Asset - answer-Something of either tangible or intangible value that is worth protecting, including
people, information, infrastructure, finances and reputation.
Asymmetric key (public key) - answer-A cipher technique in which different cryptographic keys are used
to encrypt and decrypt a message. Scope Notes: See public key encryption.
Attack - answer-An actual occurrence of an adverse event
Attack mechanism - answer-A method used to deliver the exploit. Unless the attacker is personally
performing the attack, an attack mechanism may involve a payload, or container, that delivers the
exploit to the target.
Attack vector - answer-A path or route used by the adversary to gain access to the target (asset). Scope
Notes: There are two types of attack vectors: ingress and egress (also known as data exfiltration)
Audit trail - answer-Data in the form of a logical path linking a sequence of events, used to trace the
transactions that have affected the contents of a record. Source: ISO
Authentication - answer-1. The act of verifying identity, i.e., user, system. Scope Notes: Risk: Can also
refer to the verification of the correctness of a piece of data. 2. The act of verifying the identity of a user,
the user's eligibility to access computerized information. Scope Notes: Assurance: Authentication is
designed to protect against fraudulent logon activity. It can also refer to the verification of the
correctness of a piece of data.
Authenticity - answer-Undisputed authorship
Availability - answer-Ensuring timely and reliable access to and use of information
Back door - answer-A means of regaining access to a compromised system by installing software or
configuring existing software to enable remote access under attacker-defined conditions
Bandwidth - answer-The range between the highest and lowest transmittable frequencies. It equates to
the transmission capacity of an electronic line and is expressed in bytes per second or Hertz (cycles per
second).
Bastion - answer-System heavily fortified against attacks
Biometrics - answer-A security technique that verifies an individual's identity by analyzing a unique
physical attribute, such as a handprint.
Block cipher - answer-A public algorithm that operates on plaintext in blocks (strings or groups) of bits
Botnet - answer-A term derived from "robot network"; a large, automated and distributed network of
previously compromised computers that can be simultaneously controlled to launch large-scale attacks
such as a denial-of-service attack on selected victims
Boundary - answer-Logical and physical controls to define a perimeter between the organization and the
outside world
Bring your own device (BYOD) - answer-An enterprise policy used to permit partial or full integration of
user-owned mobile devices for business purposes
Brute force - answer-A class of algorithms that repeatedly try all possible combinations until a solution is
found.
Brute force attack - answer-Repeatedly trying all possible combinations of passwords or encryption keys
until the correct one is found.
Buffer overflow - answer-Occurs when a program or process tries to store more data in a buffer
(temporary data storage area) than it was intended to hold. Scope Notes: Since buffers are created to
contain a finite amount of data, the extra information—which has to go somewhere—can overflow into
adjacent buffers, corrupting or overwriting the valid data held in them. Although it may occur
accidentally through programming error, buffer overflow is an increasingly common type of security
attack on data integrity. In buffer overflow attacks, the extra data may contain codes designed to trigger
specific actions, in effect sending new instructions to the attacked computer that could, for example,
damage the user's files, change data, or disclose confidential information. Buffer overflow attacks are
said to have arisen because the C programming language supplied the framework, and poor
programming practices supplied the vulnerability.
Business continuity plan (BCP) - answer-A plan used by an enterprise to respond to disruption of critical
business processes. Depends on the contingency plan for restoration of critical systems.
Business impact analysis/assessment (BIA) - answer-Evaluating the criticality and sensitivity of
information assets. An exercise that determines the impact of losing the support of any resource to an
enterprise, establishes the escalation of that loss over time, identifies the minimum resources needed to
recover, and prioritizes the recovery of processes and the supporting system. Scope Notes: This process
also includes addressing: Income loss, unexpected expense, legal issues (regulatory compliance or
contractual), interdependent processes, loss of public reputation or public confidence.
Certificate (Certification) authority (CA) - answer-A trusted third party that serves authentication
infrastructures or enterprises and registers entities and issues them certificates.
Certificate revocation list (CRL) - answer-An instrument for checking the continued validity of the
certificates for which the certification authority (CA) has responsibility. Scope Notes: The CRL details