Cismp exam - Study guides, Class notes & Summaries

CISMP GLOSSARY ACTUAL EXAM QUESTIONS AND ANSWERS WITH COMPLETE SOLUTIONS VERIFIED LATEST UPDATE Glossary 1 Acceptable use: A policy used to identify what personal use of company resources is acceptable Accountability: The attribute of having to answer for one’s actionsAccredited: Acknowledgement by an official body that an individual or entity has met predefined criteria Active content: Content on a website that is either interactive, such as internet polls, or dynamic, such as animated...

CISMP ACTUAL EXAM QUESTIONS AND ANSWERS WITH COMPLETE SOLUTIONS VERIFIED 100% GUARANTEED PASS threat An event that may have an adverse impact. Can lead to violation of information security. Can be accidental/intentional vulnerability A weakness of an asset that may be exploited by one or more threata 6 essential cloud characteristics On demand service Broad network service Resource pooling Rapid elasticity Measured service Multi-tenancy Service models On demand self service (clou...

CISMP ACRONYMS EXAM QUESTIONS AND ANSWERS WITH COMPLET SOLUTIONS RATED A++ AAA Authentication, authorization, and accounting. A group of technologies used in remote access systems. Authentication verifies a user's identification. Authorization determines if a user should have access. Accounting tracks a user's access with logs. ACL Access control list. A list of rules used to grant access to a resource. In NTFS, a list of ACEs makes up the access control list for a resource. In a...

CISMP GLOSSARY EXAM QUESTIONS AND ANSWERS WITH COMPLETE SOLUTIONS VERIFIED Acceptable Use Policy (AUP) A policy used to identify what personal use of company resources is acceptable Accountability ability to answer for one's own actions Active content Content on a website that is either interactive, such as internet polls, or dynamic, such as animated pictures, JavaScript applications or ActiveX applications anti-virus Software designed to negate or destroy a computer virus Assets ...

BCS CISMP COURSE EXAM QUESTIONS AND ANNSWERS WITH COMPLETE SOLUTIONS VERIFIED What does Hashing link to? Integrity What is reduced when Security is increased? Availability What does repudiation mean? The ability to prove the occurrence of an event and its origin. An audit trail so the event cannot be denied. What are the three A's? Authentication, Authorisation and Auditing. What is the most important policy and what type of control is it? Training and Awareness & a Procedural con...

CISMP 1 SETTING A SECURE FOUNDATION EXAM QUESTIONS AND ANSWERS WITH COMPLETE SOLUTIONS What is a business case? A decision support and planning tool that predicts likely consequences of a business action Used to justify investments What is information security Safe-guarding an organization's data from unauthorized access or modification to insure its availability, confidentiality, and integrity. A condition that results from the establishment and maintenance of protective measures...

BCS CISMP 2 EXAM QUESTIONS WITH CORRECT ANSWERS VERIFIED LATEST UPDATE Categories of Threat Physical Outages & Failures Hacking & abuse Legal & contractual Accidents & disaster/hazards Categories of vulnerabilities General Information Specific Controls of risk: Detective controls Designed to identify information security incidents, such as intrusion detection systems Controls of risk: Corrective controls Designed to make appropriate change after having identified an incident to en...

CISMP CHAPTER 6 EXAM QUESTIONS AND ANSWERS WITH COMPLETE SOLUTIONS VERIFIED partitioning of networks is done to reduce risks including Firewalls, routers, proxy servers and network boundary separation architectures Separation of external and internal networks is done through DMZs or Demilitarised Zones Types of firewall include Packet filtering Circuit level gateway Stateful Inspection Application level gateway Next Generation Packet filtering is the removal of data that does not c...

CISMP ACTAUL EXAM QUESTIONS AND ANSWERS WITH COMPLETE SOLUTIONS VERIFIED GRADED A++ ISO15408 Common Criteria ISO 15489 Records Management and Retention of Records ISO 18028 Information Technology ISO 27002 Code of Practice for Information Security Management ISO 27003 ISMS Implementation Guide ISO 27005 Risk Management ISO 31000 Risk Management NIST 800-53 Cyber Security Framework AAA Authentication Authorisation Accountability Risk = likelihood x impact probability x cons...