Save
Busy. Please wait.
Log in using Clever
or

show password
Forgot Password?

Don't have an account?  Sign up 
Sign up using Clever
or

Username is available taken
show password

why


Make sure to remember your password. If you forget it there is no way for StudyStack to send you a reset link. You would need to create a new account.
Your email address is only used to allow you to reset your password. See our Privacy Policy and Terms of Service.


Already a StudyStack user? Log In

Reset Password
Enter the associated with your account, and we'll email you a link to reset your password.
focusNode
Didn't know it?
click below
 
Knew it?
click below
Don't know
Remaining cards (0)
Know
0:00
share
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.

  Normal Size     Small Size show me how

CISSP Study

Domain 1 - Security and Risk Management

QuestionAnswer
Acronym meaning: CIA Confidentiality, Integrity, & Availability (Careful not to fall for the AIC trick as its sometimes referred to)
Acronym meaning: IAAA Identification, Authentication, Authorization, & Accountability
Insures reliability and timely access to data and resources to authorized individuals. Availability
Upheld when the assurance of the accuracy and reliability of information systems is provided and any unauthorized modification is prevented. Integrity
Ensures that the necessary level of secrecy is enforced at each junction of data processing and prevents unauthorized disclosure. Confidentiality
All of the following provide? Redundant Array of Independent Disks (RAID), Clustering, Load Balancing, Redundant data & power lines, Software & data backups, Disk shadowing, Co-location & offsite facilities, Rollback functions, & Failover configs. Availability
All of the following provide? Hashing (data integrity), Configuration MGMT (System Integrity), Change control (Process Integrity), Access Control (Physical & Technical), Software Digital Signing, & Xmission CRC functions Integrity
All of the following provide? Encryption for DAR (Whole disk & DB), Encryption for DIT (IPSec, TLS, PPTP, SSH), & Access Control (Physical & Technical) Confidentiality
A weakness in a system that allows a threat source to compromise its security? Vulnerability
Any potential danger that is associated with the exploitation of a vulnerability? Threat
If the threat is that someone will identify a specific vulnerability and use it against the company or individual, then the entity that takes advantage of a vulnerability is referred to as? Threat Agent
The likelihood of a threat source exploiting a vulnerability and the corresponding business impact is referred to as? Risk
An instance of being exposed to losses is? Exposure
These are put in place to mitigate (reduce) the potential risk? Control, Countermeasure, or Safeguard (These terms are interchangeable)
A threat agent gives rise to? Threat
A threat exploits? Vulnerability
Vulnerability leads to? Risk
Risk can damage an? Asset
Asset damage can cause an? Exposure
An exposure can be counter measured by a? Safeguard
What are the three (3) control types? Administrative, Technical, & Physical
Created by: towilliamsjr
 

 



Voices

Use these flashcards to help memorize information. Look at the large card and try to recall what is on the other side. Then click the card to flip it. If you knew the answer, click the green Know box. Otherwise, click the red Don't know box.

When you've placed seven or more cards in the Don't know box, click "retry" to try those cards again.

If you've accidentally put the card in the wrong box, just click on the card to take it out of the box.

You can also use your keyboard to move the cards as follows:

If you are logged in to your account, this website will remember which cards you know and don't know so that they are in the same box the next time you log in.

When you need a break, try one of the other activities listed below the flashcards like Matching, Snowman, or Hungry Bug. Although it may feel like you're playing a game, your brain is still making more connections with the information to help you out.

To see how well you know the information, try the Quiz or Test activity.

Pass complete!

"Know" box contains:
Time elapsed:
Retries:
restart all cards