CIS 530 Final Exam
l i nki ng a human to the acti vi ti es of an
accountabi l i ty
onl i ne i denti ty in provabl e ways
securi ty pol i cy that defi nes organi zati onal
advi sory standards for acceptabl e securi ty behavi
or and acti vi ty
securi ty pol i ci es bei ng in sync or
in harmony wi th
al i gnment
organi zati onal mi ssi ons,
goal s, and strategi es
the process of (a) tracki ng and recordi ng an
authori zed subj ect's acti vi ty, or (b) detecti ng
audi ti ng
unauthori zed or abnormal acti vi ti es on a
system
authenti cati on veri fyi ng that a cl ai med i denti ty is val i d
granti ng access to an approved subj ect for
authori zati on performi ng an acti vi ty on an obj ect or
resource
assures that authori zed parti es are
avai l abi l i ty granted wi th ti mel y, uni nterrupted
access to i nformati on assets
, CIS 530 Final Exam
CI A Tri ad the three pri mary i nformati on securi ty pri nci pl es
assures that i nformati on assets are protected
from unauthori zed access, use, or di scl osure
confi denti al i ty
by unauthori zed parti es whi l e i n
storage, process, or transi t
reasonabl e precauti ons taken by an organi zati on to
due care
protect i ts i nformati on assets
due di l i gence practi ci ng the acti vi ti es that mai ntai n due care
the art and sci ence of hi di ng the
meani ng or i ntent of a
encrypti on
communi cati on from uni ntended reci
pi ents
process by whi ch a subj ect professes who or
i denti fi cati on
what they are
type of securi ty pol i cy that provi des
support, research, or background
i nformati ve
data rel evant to other pol
i cy el ements
, CIS 530 Final Exam
assures that i nformati on assets are unal
tered from thei r ori gi nal protected
i ntegri ty
state duri ngtransmi ssi on, storage, and
processi ng
assuri ng that a subj ect of an acti vi ty
nonrepudi ati on
cannot deny the acti vi ty's taki ng pl ace
securi ty pol i cy requi red by i ndustry or l egal
regul atory
standards
document that defi nes the scope of securi ty
needed by an organi zati on, i ncl udi ng assets
and thei r val ue, securi ty sol uti ons, overal l needs
securi ty pol i cy
and obj ecti ves for
securi ty, and the organi zati on's framework and
strategy
annual safeguard cost, or the cal cul ated val ue of
the cash and other resources used to
ACS
i mpl ement a countermeasure, in uni ts of
dol l ars per year
annual i zed l oss expectancy, the possi bl e yearl y cost
of al l i nstances of a parti cul arthreat agai
ALE
nst a parti cul ar asset, cal cul ated as ALE =
SLE * ARO
annual i zed rate of occurrence i s the
expected frequency wi th whi ch a
ARO
gi ven threat wi l l occur wi thi n a
si ngl e year
l i nki ng a human to the acti vi ti es of an
accountabi l i ty
onl i ne i denti ty in provabl e ways
securi ty pol i cy that defi nes organi zati onal
advi sory standards for acceptabl e securi ty behavi
or and acti vi ty
securi ty pol i ci es bei ng in sync or
in harmony wi th
al i gnment
organi zati onal mi ssi ons,
goal s, and strategi es
the process of (a) tracki ng and recordi ng an
authori zed subj ect's acti vi ty, or (b) detecti ng
audi ti ng
unauthori zed or abnormal acti vi ti es on a
system
authenti cati on veri fyi ng that a cl ai med i denti ty is val i d
granti ng access to an approved subj ect for
authori zati on performi ng an acti vi ty on an obj ect or
resource
assures that authori zed parti es are
avai l abi l i ty granted wi th ti mel y, uni nterrupted
access to i nformati on assets
, CIS 530 Final Exam
CI A Tri ad the three pri mary i nformati on securi ty pri nci pl es
assures that i nformati on assets are protected
from unauthori zed access, use, or di scl osure
confi denti al i ty
by unauthori zed parti es whi l e i n
storage, process, or transi t
reasonabl e precauti ons taken by an organi zati on to
due care
protect i ts i nformati on assets
due di l i gence practi ci ng the acti vi ti es that mai ntai n due care
the art and sci ence of hi di ng the
meani ng or i ntent of a
encrypti on
communi cati on from uni ntended reci
pi ents
process by whi ch a subj ect professes who or
i denti fi cati on
what they are
type of securi ty pol i cy that provi des
support, research, or background
i nformati ve
data rel evant to other pol
i cy el ements
, CIS 530 Final Exam
assures that i nformati on assets are unal
tered from thei r ori gi nal protected
i ntegri ty
state duri ngtransmi ssi on, storage, and
processi ng
assuri ng that a subj ect of an acti vi ty
nonrepudi ati on
cannot deny the acti vi ty's taki ng pl ace
securi ty pol i cy requi red by i ndustry or l egal
regul atory
standards
document that defi nes the scope of securi ty
needed by an organi zati on, i ncl udi ng assets
and thei r val ue, securi ty sol uti ons, overal l needs
securi ty pol i cy
and obj ecti ves for
securi ty, and the organi zati on's framework and
strategy
annual safeguard cost, or the cal cul ated val ue of
the cash and other resources used to
ACS
i mpl ement a countermeasure, in uni ts of
dol l ars per year
annual i zed l oss expectancy, the possi bl e yearl y cost
of al l i nstances of a parti cul arthreat agai
ALE
nst a parti cul ar asset, cal cul ated as ALE =
SLE * ARO
annual i zed rate of occurrence i s the
expected frequency wi th whi ch a
ARO
gi ven threat wi l l occur wi thi n a
si ngl e year
