Domain 1 - part 2 Flashcards

1
Q

Composite of various standards, regulations, and statutory requirements from around the world, covering a variety of subjects related to IT and data security.

A

CSA STAR cloud security

2
Q

Global/worldwide. Focused on policy and controls recognized globally. Known for the information security management system.

A

ISO 27001/2 - Security control framework - 27001 ISMS policy and 02 controls

3
Q

Best practices managed by AXELOS, the British government and a private firm. How an org's IT environment should enhance and benefit its business goals. Mapped to the ISO 20000 standard.

A

ITIL

4
Q

Realm of the security practitioner; security controls are applied.

A

Mitigate

5
Q

Business decision, not a security practice. Usually made by senior management.

A

Avoid

6
Q

Converse of avoidance: management may opt to conduct the business function that is associated with the risk without any further action on the org's part.

A

Accept

7
Q

The practice of paying another party to accept the full financial impact of the harm.

A

Transfer-Risk Response

8
Q

Formula to calculate SLE

A

SLE = (AV)(EF) s l eave + f

9
Q

Formula to calculate ALE

A

ALE = (SLE)(ARO)

10
Q

Mitigate - controls that mitigate the effects or risks of the loss of the primary controls. Examples: physical locks that still function if an electronic access control system loses power, or personnel trained to use fire extinguishers and hoses in the event a sprinkler system does not activate.

A

compensate

11
Q

Remediation - controls that react to a situation in order to perform remediation or restoration. These include fire suppression systems, intrusion prevention systems, incident response teams, and tape backups.

A

corrective

12
Q

Recognize - controls that recognize hostile or anomalous activity. These can include motion sensors, guards, dogs, and intrusion detection systems.

A

detective

13
Q

Reduce - controls that reduce the likelihood someone will choose to perform a certain activity. These can include notification, cameras, and the noticeable presence of other controls.

A

deterrent

14
Q

Mandates - controls that impose mandates or requirements. These can include policies, standards, signage, or notification, and are often combined with training.

A

directive

15
Q

Prohibit - controls that prohibit a certain activity. Walls and fences prohibit people from entering an area in an unauthorized manner.

A

preventive

16
Q

Restoration - controls designed to restore operations to a known condition following a security incident. These can include backups and disaster recovery plans.

A

recovery