©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM
CISM (Certified Information Security manager) –
Vocabulary Exam Study Guide
Acceptable interruption window - Answer✔️✔️-Max time a system can be
unavailable before compromising business objectives.
Acceptable use policy - Answer✔️✔️-Policy agreement between users and the
organization. Defines approved range of use for access to a network or the Internet
Access controls - Answer✔️✔️-The processes, rules and deployment mechanisms
that control access to information systems, resources and physical access to
premises
Access path - Answer✔️✔️-Logical route an end user takes to access computerized
information. Typically includes a route through the OS, telecommunications
software, applications, and access controls.
Access rights - Answer✔️✔️-Permission or privileges granted to users, programs or
workstations to create, change, delete or view data and files within a system, as
defined by rules established by data owners and the information security policy
1
,©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM
Accountability - Answer✔️✔️-The ability to map a given activity or event back to
the responsible party
Action plan - Answer✔️✔️-A plan of the steps necessary to achieve objectives
Ad hoc - Answer✔️✔️-Arbitrary approach, no formal plan or process
Administrative controls - Answer✔️✔️-Rules, procedures and practices that deal
with operational effectiveness, efficiency and adherence to regulations and
management policies.
Adware - Answer✔️✔️-Any software package that automatically plays, displays or
downloads advertising material to a computer after the software is installed on it or
while the application is being used. In most cases, this is done without any
notification to the user or without the user's consent. This software may or maynot
contain spyware.
Advance Encryption Standard (AES) - Answer✔️✔️-The international encryption
standard that replaced 3DES.
Algorithm - Answer✔️✔️-A finite set of step-by-step instructions for a problem-
solving or computation procedure, especially one that can be implemented by a
computer.
2
,©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM
Anomaly-Based Detection - Answer✔️✔️-The process of comparing definitions of
what activity is considered normal against observed events to identify significant
deviations. This approach is used on some intrusion detection systems.
Annual Loss Expectation (ALE) - Answer✔️✔️-The total expected loss divided by
the number of years in the forecast period yielding the average annual loss
Alert situation - Answer✔️✔️-The point in an emergency procedure when the
elapsed time passes a threshold and the interruption is not resolved. The
organization entering into an alert situation initiates a series of escalation steps.
Alternate facilities - Answer✔️✔️-Locations and infrastructures from which
emergency or backup processes are executed, when the main premises are
unavailable or destroyed. This includes other buildings, offices or data processing
centers.
Alternate process - Answer✔️✔️-Automatic or manual processes designed and
established to continue critical business processes from point-of-failure to return-
to-normal
Anonymous File Transfer Protocol (AFTP)* - Answer✔️✔️-A method of
downloading public files using the File Transfer Protocol (FTP). AFTP does not
require users to identify themselves before accessing files from a particular server.
3
, ©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM
In general, users enter the word "anonymous" when the host prompts for a
username. Anything can be entered for the password, such as the user's e-mail
address or simply the word "guest."
Antivirus software - Answer✔️✔️-An application software deployed at multiple
points in an IT architecture. It is designed to detect and potentially eliminate virus
code before damage is done, and repair or quarantine files that have already been
infected
Application Programming Interface (API) - Answer✔️✔️-An application
programming interface (API) is a source code-based specification intended to be
used as an interface by software components to communicate with each other.
Application controls - Answer✔️✔️-The policies, procedures and activities designed
to provide reasonable assurance that objectives relevant to a given automated
solution (application) are achieved
Application layers - Answer✔️✔️-In the Open Systems Interconnection (OSI)
communications model, the application layer provides services for an application
program to ensure that effective communication with another application program
in a network is possible. The application layer is not the application that is doing
the communication; it is a service layer that provides these services.
4
CISM (Certified Information Security manager) –
Vocabulary Exam Study Guide
Acceptable interruption window - Answer✔️✔️-Max time a system can be
unavailable before compromising business objectives.
Acceptable use policy - Answer✔️✔️-Policy agreement between users and the
organization. Defines approved range of use for access to a network or the Internet
Access controls - Answer✔️✔️-The processes, rules and deployment mechanisms
that control access to information systems, resources and physical access to
premises
Access path - Answer✔️✔️-Logical route an end user takes to access computerized
information. Typically includes a route through the OS, telecommunications
software, applications, and access controls.
Access rights - Answer✔️✔️-Permission or privileges granted to users, programs or
workstations to create, change, delete or view data and files within a system, as
defined by rules established by data owners and the information security policy
1
,©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM
Accountability - Answer✔️✔️-The ability to map a given activity or event back to
the responsible party
Action plan - Answer✔️✔️-A plan of the steps necessary to achieve objectives
Ad hoc - Answer✔️✔️-Arbitrary approach, no formal plan or process
Administrative controls - Answer✔️✔️-Rules, procedures and practices that deal
with operational effectiveness, efficiency and adherence to regulations and
management policies.
Adware - Answer✔️✔️-Any software package that automatically plays, displays or
downloads advertising material to a computer after the software is installed on it or
while the application is being used. In most cases, this is done without any
notification to the user or without the user's consent. This software may or maynot
contain spyware.
Advance Encryption Standard (AES) - Answer✔️✔️-The international encryption
standard that replaced 3DES.
Algorithm - Answer✔️✔️-A finite set of step-by-step instructions for a problem-
solving or computation procedure, especially one that can be implemented by a
computer.
2
,©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM
Anomaly-Based Detection - Answer✔️✔️-The process of comparing definitions of
what activity is considered normal against observed events to identify significant
deviations. This approach is used on some intrusion detection systems.
Annual Loss Expectation (ALE) - Answer✔️✔️-The total expected loss divided by
the number of years in the forecast period yielding the average annual loss
Alert situation - Answer✔️✔️-The point in an emergency procedure when the
elapsed time passes a threshold and the interruption is not resolved. The
organization entering into an alert situation initiates a series of escalation steps.
Alternate facilities - Answer✔️✔️-Locations and infrastructures from which
emergency or backup processes are executed, when the main premises are
unavailable or destroyed. This includes other buildings, offices or data processing
centers.
Alternate process - Answer✔️✔️-Automatic or manual processes designed and
established to continue critical business processes from point-of-failure to return-
to-normal
Anonymous File Transfer Protocol (AFTP)* - Answer✔️✔️-A method of
downloading public files using the File Transfer Protocol (FTP). AFTP does not
require users to identify themselves before accessing files from a particular server.
3
, ©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM
In general, users enter the word "anonymous" when the host prompts for a
username. Anything can be entered for the password, such as the user's e-mail
address or simply the word "guest."
Antivirus software - Answer✔️✔️-An application software deployed at multiple
points in an IT architecture. It is designed to detect and potentially eliminate virus
code before damage is done, and repair or quarantine files that have already been
infected
Application Programming Interface (API) - Answer✔️✔️-An application
programming interface (API) is a source code-based specification intended to be
used as an interface by software components to communicate with each other.
Application controls - Answer✔️✔️-The policies, procedures and activities designed
to provide reasonable assurance that objectives relevant to a given automated
solution (application) are achieved
Application layers - Answer✔️✔️-In the Open Systems Interconnection (OSI)
communications model, the application layer provides services for an application
program to ensure that effective communication with another application program
in a network is possible. The application layer is not the application that is doing
the communication; it is a service layer that provides these services.
4
