SSCP/CISSP Domain 1 and 2 QUESTIONS WITH COMPLETE SOLUTIONS

Availability correct answer: Refers to the ability to access and use information systems when and as needed to support an organization's operations. Breach correct answer: The intentional or unintentional release of secure information to an untrusted environment. CMDB correct answer: A configuration management database (CMDB) is a repository that contains a collection of IT assets that are referred to as configuration items. Compensating Controls correct answer: Introduced when the existing capabilities of a system do not support the requirements of a policy. Confidentiality correct answer: Refers to the property of information in which it is only made available to those who have a legitimate need to know. Configuration Management (CM) correct answer: A discipline that seeks to manage configuration changes so that they are appropriately approved and documented, so that the integrity of the security state is maintained, and so that disruptions to performance and availability are minimized. Corrective Control correct answer: These controls remedy the circumstances that enabled unwarranted activity, and/ or return conditions to where they were prior to the unwanted activity. COTS correct answer: A Federal Acquistion Regulation (FAR) term for commercial off-the-shelf (COTS) items, that can be purchased n the commercial marketplace and used under government contract. Deduplication correct answer: A process that scans the entire collection of information looking for similar chunks of data that can be consolidated. Defense-in-depth correct answer: Provision of several overlapping subsequent limiting barriers with no respect to one safety or security threshold, so that the threshold can only be surpassed if all barriers have failed. Degaussing correct answer: A technique of erasing data on disk