CISM Exam Study Guide with Complete Solutions
One - Answer✔️✔️-One
Two - Answer✔️✔️-Two
Acceptable use policy - Answer✔️✔️-A policy that establishes an agreement
between users and the organization, and defines for all parties the ranges of use that
are approved before gaining access to a network or the Internet
Access controls - Answer✔️✔️-The processes, rules and deployment mechanisms
that control access to information systems, resources and physical access to
premises
Access path - Answer✔️✔️-The logical route that an end user takes to access
computerized information. Typically, it includes a route through the operating
system, telecommunications software, selected application software and the access
control system.
Access rights - Answer✔️✔️-The permission or privileges granted to users,
programs or workstations to create, change, delete or view data and files within a
system, as defined by rules established by data owners and the information security
policy
,©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM
Accountability - Answer✔️✔️-The ability to map a given activity or event back to
the responsible party
Action plan - Answer✔️✔️-A plan for the steps necessary to navigate the roadmap to
achieve objectives
Ad hoc - Answer✔️✔️-Arbitrary approach, no formal plan or process
Adware - Answer✔️✔️-Any software package that automatically plays, displays or
downloads advertising material to a computer after the software is installed on it or
while the application is being used. In most cases, this is done without any
notification to the user or without the user's consent. The term adware may also
refer to software that displays advertisements, whether or not it does so with the
user's consent; such programs display advertisements as an alternative to shareware
registration fees. These are classified as adware in the sense of advertising-
supported software, but not as spyware. Adware in this form does not operate
surreptitiously or mislead the user, and provides the user with a specific service.
Advanced Encryption Standard (AES) - Answer✔️✔️-The international encryption
standard that replaced 3DES.
Algorithm - Answer✔️✔️-A finite set of step-by-step instructions for a problem-
solving or computation procedure, especially one that can be implemented by a
computer.
Anomaly-Based Detection - Answer✔️✔️-The process of comparing definitions of
what activity is considered normal against observed events to identify significant
deviations. This approach is used on some intrusion detection systems.
Annual Loss Expectation (ALE) - Answer✔️✔️-The total expected loss divided by
the number of years in the forecast period yielding the average annual loss
Alert situation - Answer✔️✔️-The point in an emergency procedure when the
elapsed time passes a threshold and the interruption is not resolved. The
organization entering into an alert situation initiates a series of escalation steps.
Alternate facilities - Answer✔️✔️-Locations and infrastructures from which
emergency or backup processes are executed, when the main premises are
unavailable or destroyed. This includes other buildings, offices or data processing
centers.
Alternate process - Answer✔️✔️-Automatic or manual processes designed and
established to continue critical business processes from point-of-failure to return-
to-normal
Anonymous File Transfer Protocol (AFTP) - Answer✔️✔️-A method of
downloading public files using the File Transfer Protocol (FTP). AFTP does not
require users to identify themselves before accessing files from a particular server.
In general, users enter the word "anonymous" when the host prompts for a
username. Anything can be entered for the password, such as the user's e-mail
address or simply the word "guest." In many cases, an AFTP site will not prompt a
user for a name and password.
Antivirus software - Answer✔️✔️-An application software deployed at multiple
points in an IT architecture. It is designed to detect and potentially eliminate virus
code before damage is done, and repair or quarantine files that have already been
infected
Application Programming Interface (API) - Answer✔️✔️-An application
programming interface (API) is a source code-based specification intended to be
used as an interface by software components to communicate with each other.
Application controls - Answer✔️✔️-The policies, procedures and activities designed
to provide reasonable assurance that objectives relevant to a given automated
solution (application) are achieved