Domain 1 Flashcards

1
Q

What does IAAAA stand for?

A
Identification
Authentication 
Authorization 
Accountability 
Auditing
2
Q

What does DAD stand for ?

A

Disclosure
Alteration
Destruction

3
Q

What are four protection mechanisms?

A

Layering
Abstractions
Data Hiding
Encryption

4
Q

What are the rules of risk management?

A
1. No risk can be completely avoided.
2. Risks can be minimized and controlled to reduce the impact of damage.
3. Risk management is the process of identifying, examining, measuring, mitigating, or transferring risk.
5
Q

What are the 5 types of risk management frameworks?

A
Preventative
Deterrent
Detective
Corrective
Recovery
6
Q

What are examples of preventative risk management ?

A
Security policies
Security cameras
Callback
Security awareness training 
Job rotation
Encryption
Data classification 
Smart cards
7
Q

What are examples of deterrent risk management ?

A
Security personnel
Guards
Security cameras
Separation of duties
Intrusion alarms 
Awareness training 
Firewalls
Encryption
8
Q

What are examples of detective risk management ?

A
Logs 
Security cameras
Intrusion detection systems 
Honey pots 
Audit trails
Mandatory vacations
9
Q

What are examples of corrective risk management ?

A

Alarms
Antivirus solutions
Intrusion detection systems
Business continuity plans

10
Q

What are examples of recovery risk management ?

A
Backups
Server clustering
Fault tolerant drive systems
Database shadowing 
Antivirus software
11
Q

What is the risk management life cycle?

A

Assessment
Analysis
Mitigation
Response

12
Q

What types of responsibilities fall under risk management assessment?

A
System characterization 
Threat identification 
Vulnerability identification 
Control analysis 
Likelihood determination
Impact analysis 
Risk determination 
Control recommendation 
Results documentation
13
Q

What types of responsibilities fall under risk management analysis?

A
Qualitative 
Quantitative 
AV - Asset value
EF - Exposure factor
ARO - Annual rate of occurrence
SLE - Single loss expectancy = AV * EF
ALE - Annual loss expectancy = SLE * ARO
Risk value = probability * impact
14
Q

What types of responsibilities fall under risk management mitigation/recovery?

A

Reduce/Avoid
Transfer
Accept/Reject

15
Q

What are the six steps of the risk management framework ?

A
Categorize
Select
Implement 
Assess
Authorize
Monitor
16
Q

What are the threat identification models ?

A

STRIDE
DREAD
MART

17
Q

What does STRIDE stand for ?

A
Spoofing
Tampering
Repudiation
Information disclosure 
Denial of service 
Escalation of privilege
18
Q

What does DREAD stand for ?

A
Damage
Reproducibility 
Exploitability 
Affected
Discoverability
19
Q

What does MART stand for?

A

Mitigate
Accept
Reject
Transfer