Domain 1 set 2 Flashcards

1
Q

ROI

A

Return on Investment

2
Q

The amount of money saved by implementation of a safeguard.

A

Return on Investment

3
Q

The value of the safeguard or control

A

Return on Investment

4
Q

ALE

A

Annual Loss Expectancy

5
Q

The 2 types of risk analysis

A
  1. Qualitative
  2. Quantitative

6
Q

Risk analysis that helps prioritize probability and impact of a risk event

A

Qualitative

7
Q

Business decisions are made on what risk analysis?

A

Quantitative

8
Q

It depends on what risk analysis?

A

Qualitative

9
Q

Reactive mechanism

A

Countermeasures

10
Q

The amount of risk without implementing a mitigation

A

Total Risk

11
Q

Threats × Vulnerability × Asset value = ?

A

Total Risk

12
Q

What are two risk transfer items?

A
  1. Insurance
  2. SLAs

13
Q

BRP

A

Business Recovery Plan

14
Q

Long-term focus on sustaining operation of the business following a disaster

A

Business Recovery Plan

15
Q

Responding to a risk is called?

A

Risk Mitigation

16
Q

The 7 phases of BCP

A
  1. Project Initiation
  2. Business Impact Analysis
  3. Recovery Strategy
  4. Plan Design and Development
  5. Implementation
  6. Testing
  7. Maintenance
17
Q

ISO 27001

A

Establishment, implementation of controls, and improvement of the ISMS.

Follows the PDCA cycle.

18
Q

ISO 27002

A

Provides practical advice on HOW TO implement security controls; uses 10 domains to address the ISMS

19
Q

ISO 27004

A

Metrics

20
Q

ISO 27005

A

Approach To Risk Management

21
Q

ITIL

A

Information Technology Infrastructure Library

IT Service Management

22
Q

Lets analysts identify assets and their criticality, identify vulnerabilities and threats, and base the protection strategy on them to reduce risk

A

OCTAVE

23
Q

FERPA handles what?

A

Student educational records

24
Q

ECPA

A

Electronic Communications Privacy Act

Restricts government interception of communications

25
Q

COPPA

A

Children’s Online Privacy Protection Act

Protects kids under 13 on websites

26
Q

CFAA

A

Computer Fraud and Abuse Act

Criminal law

27
Q

TCO

A

Total Cost of Ownership
The total cost of implementing a safeguard.
Includes maintenance fees.

28
Q

What will help you decide the correct risk mitigation strategy?

A

Cost / Benefit Analysis

29
Q

Risk Assessment

A

To identify assets, threats and vulnerabilities

30
Q

COOP

A

Continuity of Operations Plan

31
Q

WIPO

A

World Intellectual Property Organization
Run by the UN
International, to prevent piracy and espionage, and licensing

32
Q

CISO

A

Chief Information Security Officer