HCISPP - Domain 1 - Risk Management and Risk Assessment Domain
Confidentiality CIA - only authorized people can access the data
Integrity CIA - holds that the data is accurate and unaltered
Availability CIA - data must be available upon need
CIA break down Confidentiality, Integrity, Availability
A lock on a safe provides what CIA Confidentiality
Backups provide what CIA Availability
Version control provides what CIA Integrity
These controls ensure data is Availability
accessible and useable upon demand
The controls ensure that data has not Integrity
been altered in an unauthorized
manner
These controls prevent unauthorized Confidentiality
disclosure of sensitive data
, HCISPP - Domain 1 - Risk Management and Risk Assessment Domain
What is upheld when the assurance of Integrity
accuracy and reliability of information
and systems is provided and
unauthorized modification of data is
prevented?
The potential for loss, damage, or Risk
destruction of an ASSET as a result of a
THREAT exploiting a VULNERABILITY
Asset Valuation can be what two Tangible or Intangible
categories
Tangible things are physical things and True
easier to quantify TF
Intangible things include information True
and are harder to quantify TF
Natural, Technical, Environmental, Threats
Operational, and Human are examples
of what?
, HCISPP - Domain 1 - Risk Management and Risk Assessment Domain
A fire, flood, tornado, hurricane, Natural Threat
snowstorm, or earthquake are
examples of what type of threat?
What type of threat includes a Technical Threat
hardware or software failure, malicious
code, new technologies?
What type of threat is a hazardous Environmental Threat
waste or biological agent?
What type of threat is a process that Operational Threat
affects confidentiality, integrity, or
availability?
What type of threat can be intentional Human Threat
or unintentional, malicious outsider or
insider, or human error?
What are weaknesses that a threat can Vulnerabilities
exploit?
Confidentiality CIA - only authorized people can access the data
Integrity CIA - holds that the data is accurate and unaltered
Availability CIA - data must be available upon need
CIA break down Confidentiality, Integrity, Availability
A lock on a safe provides what CIA Confidentiality
Backups provide what CIA Availability
Version control provides what CIA Integrity
These controls ensure data is Availability
accessible and useable upon demand
The controls ensure that data has not Integrity
been altered in an unauthorized
manner
These controls prevent unauthorized Confidentiality
disclosure of sensitive data
, HCISPP - Domain 1 - Risk Management and Risk Assessment Domain
What is upheld when the assurance of Integrity
accuracy and reliability of information
and systems is provided and
unauthorized modification of data is
prevented?
The potential for loss, damage, or Risk
destruction of an ASSET as a result of a
THREAT exploiting a VULNERABILITY
Asset Valuation can be what two Tangible or Intangible
categories
Tangible things are physical things and True
easier to quantify TF
Intangible things include information True
and are harder to quantify TF
Natural, Technical, Environmental, Threats
Operational, and Human are examples
of what?
, HCISPP - Domain 1 - Risk Management and Risk Assessment Domain
A fire, flood, tornado, hurricane, Natural Threat
snowstorm, or earthquake are
examples of what type of threat?
What type of threat includes a Technical Threat
hardware or software failure, malicious
code, new technologies?
What type of threat is a hazardous Environmental Threat
waste or biological agent?
What type of threat is a process that Operational Threat
affects confidentiality, integrity, or
availability?
What type of threat can be intentional Human Threat
or unintentional, malicious outsider or
insider, or human error?
What are weaknesses that a threat can Vulnerabilities
exploit?
