8 Certified Information Systems Security Professionals

Question 1

Security and Risk Management

Answer 1

This involves
• setting up what you want to achieve with security
• finding ways to reduce potential problems
• following rules and regulations
• making sure business operations can continue even during challenges
• ensuring everything is done according to the law.

Question 2

Asset Security

Answer 2

Secures digital and physical assets

Question 3

Security Architecture and Engineering

Answer 3

This means making data protection better by setting up the right tools, systems, and processes to work well.

Question 4

Communication and Network Security

Answer 4

Handling and protecting physical networks and wireless communications.

Question 5

Identity and Access Management

Answer 5

It’s a system that keeps data safe by making sure users follow the set rules to control and manage physical things like office spaces, and virtual things like networks and applications.

Question 6

Security Assessment and Testing

Answer 6

This involves:
• checking how well security measures work by testing them
• gathering and studying information
• doing security checks to keep an eye out for risks, dangers, and weaknesses.

Question 7

Security Domain

Answer 7

Involves looking into issues and putting actions in place to stop them from happening.

Question 8

Software Development Security

Answer 8

Applying safe coding practices, which are a set of suggested rules used to build secure applications and services.