Domain 1 Flashcards
Maintenance of a known good configuration and expected operational function as the system processes that info
System Integrity
Current condition of the system
State
Ability to document and understand the state of data or a system at a certain point.
Current state of the info.
Baseline
Importance an organization gives to data or an information system in performing its operations
Criticality
Process of identifying, estimating and prioritizing risks (gathering info) to an organization’s operations
Risk Assessment
Understand risk in non-numerical terms using ratings and priorities
Quantitative Risk Assessment
Most common type of risk.
Takes action to prevent or reduce the possibility of a risk event/impact.
Risk Mitigation
Hardware or software components that protect computing and network resources like computers, servers, computer networks or data stored within a system.
Technical Controls (Logical Controls)
Management-oriented controls that provide directives and instructions aimed at people within the organization.
Administrative Controls (Managerial Controls)
Protect society, common good, necessary public trust and confidence and the infrastructure
ISC2 Code of Ethics
Act honorably, honestly, justly, responsibly and legally
ISC2 Code of Ethics
Provide diligent and competent service to principals
ISC2 Code of Ethics
Advance and protect the profession
ISC2 Code of Ethics
Safety and welfare of society and the common good, duty to our principals, and duty to each other require that we adhere and be seen to adhere to the highest ethical standards of behavior
ISC2 Code of Ethics Preamble
Detailed steps to complete a task that support departmental or organization policies
Procedures
By organizational governance to provide guidance in all activities to ensure the organization supports industry standards and regulations
Policies
By governance teams to provide a framework to introduce policies and procedures in support of regulations
Standards