Cissp stuvia Study guides, Class notes & Summaries

Strategy documents that provide detailed procedures that ensure critical business functions are maintained and that help minimize losses of life, operations, and systems. -ANSWER Business Continuity Plan (BCP) Contents Procedures for emergency responses, extended backup operations, and post-disaster recovery. -ANSWER BCP Provisions Should reach enterprise-wide, with individual organizational units each having their own detailed continuity and contingency plans. -ANSWER BCP Structure Req...

What is a Cache? - ANSWER is a local store of information that a system uses to operate. Caches store frequently used records to save clients the time of performing repeated looks us and reduce the burden on servers. Define client-server model - ANSWER Client-server model is a distributed application structure that partitions tasks or workloads between the providers of a resource or service, called servers, and service requesters, called clients. ... A server host runs one or more server prog...

The objectives of security are: - ANSWER provide availability, integrity, and confidentiality protection to data and resources. Vulnerability - ANSWER is a weakness in a system that allows a threat source to compromise its security. Threat - ANSWER is the possibility that someone or something would exploit a vulnerability, either intentionally or accidentally, and cause harm to an asset. Risk - ANSWER is the probability of a threat agent exploiting a vulnerability and the loss potential...

Which attack is used to understand the type of network topology implemented at the target? - ANSWER Scanning The primary goal of a security awareness program is: - ANSWER To make everyone aware of potential risk and exposure Fault tolerance safeguards help us to combat threats to - ANSWER Data Reliability What is the term used to describe a component, which in case of failure automatically responds in way that causes no or minimum harm? - ANSWER Fail Safe Which one of the following i...

1. Which of the following best describes the relationship between COBIT and ITIL? A. COBIT is a model for IT governance, whereas ITIL is a model for corporate governance. B. COBIT provides a corporate governance roadmap, whereas ITIL is a customizable framework for IT service management. C. COBIT defines IT goals, whereas ITIL provides the process-level steps on how to achieve them. D. COBIT provides a framework for achieving business goals, whereas ITIL defines a framework for achieving IT ...

1. Which of the following best describes the relationship between COBIT and ITIL? A. COBIT is a model for IT governance, whereas ITIL is a model for corporate governance. B. COBIT provides a corporate governance roadmap, whereas ITIL is a customizable framework for IT service management. C. COBIT defines IT goals, whereas ITIL provides the process-level steps on how to achieve them. D. COBIT provides a framework for achieving business goals, whereas ITIL defines a framework for achieving IT ...

CISSP Exam- Security Architecture and Engineering Correct 100%(RATED A)What is a Cache? - ANSWER is a local store of information that a system uses to operate. Caches store frequently used records to save clients the time of performing repeated looks us and reduce the burden on servers. Define client-server model - ANSWER Client-server model is a distributed application structure that partitions tasks or workloads between the providers of a resource or service, called servers, and service req...

Layer 2 of the OSI model is called the transport layer. - ANSWER False The IP address 192.168.5.5 is a private IP address according to RFC 1918. - ANSWER True The contention method used in Ethernet is called Token passing. - ANSWER False A Metropolitan-area network (MAN) is a type of LAN that encompasses a large area such as the downtown of a city. - ANSWER True 802.11g operates at a maximum of 11 Mbps - ANSWER False Wired Equivalent Privacy (WEP) was the first security measure us...

An organization is implementation g a preselected baseline of security controls but finds that some of the controls aren't relevant to their needs. What should they do - ANSWER Tailor the baseline to their requirements An admin is planning to deploy a database server and wants to ensure it is secure. She reviews a list of baseline security controls and identifies the security controls that apply to this database server. What is it called - ANSWER Scoping A data policy mandates teh use of ...

Data Remanence - ANSWER The remains of partial or even the entire data set of digital information Disaster Recovery Planning (DRP) - ANSWER Deals with restoring normal business operations after the disaster takes place...works to get the business back to normal Maximum tolerable downtime - ANSWER The maximum period of time that a critical business function can be inoperative before the company incurs significant and long-lasting damage. 802.5 - ANSWER IEEE standard defines the Token Rin...