ASIS APP EXAM - Protection of Assets Information
Security | QUESTIONS AND WELL VERIFIED
ANSWERS | ACTUAL EXAM 100%
What is IAP? - ✔✔Information Asset Protection.
1.1
A key element of the risk assessment model is a? - ✔✔thorough study of existing and
projected threats.
1.3.2
In regard to information security, perhaps the most frequently overlooked threats are? -
✔✔Inadvertent threats. These are also the most difficult to identify and evaluate.
1.3.2
What is ISS? - ✔✔Information systems security
3
The objective of an organization's information security system is to prudently and
cost-effectively manage the risk that critical organizational information could? Three items -
✔✔be compromised,
be changed without authorization, or
become unavailable
3
The security professional strives to protect information's? Three items -
✔✔confidentiality,
integrity,
and availability
3
Information system threat - ✔✔any circumstance, capability, action, or event with the
potential to adversely impact an information system through unauthorized access,
destruction, disclosure, modification of data, and/or denial of service.
3.1.1
information system vulnerability - ✔✔a flaw or weakness in the information system's
design, implementation, or operation management, including policies, procedures,
processes, and internal controls that could be exploited to violate the system's security
policy.
3.1.1
information systems risk - ✔✔product of level of threat and level of vulnerability.
3.1.1
information system countermeasure - ✔✔an action, device, procedure, technique, or
other measure that reduces a threat, a vulnerability, or an attack by eliminating or
preventing it, by minimizing the harm it may cause, or by discovering and reporting it so
that corrective action can be taken.
3.1.1
residual threat risk - ✔✔for each threat, the remaining potential risk after all ISS
countermeasures are applied.
3.1.1