CISM Glossary Exam Study Guide with 100% Correct Answers
Acceptable interruption window - Answer✔️✔️-The maximum period of time that a
system can be unavailable before compromising the achievement of the
organization's business objectives
Acceptable use policy - Answer✔️✔️-A policy that establishes an agreement
between users and the organization and defines for all parties the ranges of use that
are approved before gaining access to a network or the Internet
Access controls - Answer✔️✔️-The processes, rules and deployment mechanisms
that control access to information systems, resources and physical access to
premises
Access path - Answer✔️✔️-The logical route that an end user takes to access
computerized information. Typically it includes a route through the operating
system, telecommunications software, selected application software and the access
control system.
Access rights - Answer✔️✔️-The permission or privileges granted to users,
programs or workstations to create, change, delete or view data and files within a
system, as defined by rules established by data owners and the information security
policy
©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM
Accountability - Answer✔️✔️-The ability to map a given activity or event back to
the responsible party
Address Resolution Protocol (ARP) - Answer✔️✔️-Defines the exchanges between
network interfaces connected to an Ethernet media segment in order to map an IP
address to a link layer address on demand
Administrative control - Answer✔️✔️-The rules, procedures and practices dealing
with operational effectiveness, efficiency and adherence to regulations and
management policies
Advanced encryption standard (AES) - Answer✔️✔️-The international encryption
standard that replaced 3DES
Alert situation - Answer✔️✔️-The point in an emergency procedure when the
elapsed time passes a threshold and the interruption is not resolved. The
organization entering into an alert situation initiates a series of escalation steps.
Algorithm - Answer✔️✔️-A finite set of step-by-step instructions for a
problem-solving or computation procedure, especially one that can be implemented
by a computer
Alternate facilities - Answer✔️✔️-Locations and infrastructures from which
emergency or backup processes are executed, when the main premises are
unavailable or destroyed. This includes other buildings, offices or data processing
centers.
Alternate process - Answer✔️✔️-Automatic or manual process designed and
established to continue critical business processes from point-of-failure to
return-to-normal
Annual loss expectancy (ALE) - Answer✔️✔️-The total expected loss divided by the
number of years in the forecast period yielding the average annual loss
Anomaly detection - Answer✔️✔️-Detection on the basis of whether the system
activity matches that defined as abnormal
Anonymous File Transfer Protocol (AFTP) - Answer✔️✔️-A method of
downloading public files using the File Transfer Protocol (FTP). AFTP does not
require users to identify themselves before accessing files from a particular server.
In general, users enter the word "anonymous" when the host prompts for a
username. Anything can be entered for the password, such as the user's e-mail
address or simply the word "guest." In many cases, an AFTP site will not prompt a
user for a name and password.
Antivirus software - Answer✔️✔️-An application software deployed at multiple
points in an IT architecture. It is designed to detect and potentially eliminate virus
code before damage is done, and repair or quarantine files that have already been
infected
Application controls - Answer✔️✔️-The policies, procedures and activities designed
to provide reasonable assurance that objectives relevant to a given automated
solution (application) are achieved
Application layer - Answer✔️✔️-In the Open Systems Interconnection (OSI)
communications model, the application layer provides services for an application
program to ensure that effective communication with another application program
in a network is possible. The application layer is not the application that is doing
the communication; it is a service layer that provides these services.
Application programming interface (API) - Answer✔️✔️-A set of routines, protocols
and tools referred to as "building blocks" used in business application software
development. A good API makes it easier to develop a program by providing all the
building blocks related to functional characteristics of an operating system that
applications need to specify, for example, when interfacing with the operating
system (e.g., provided by Microsoft Windows, different versions of UNIX). A