ISACA CISM - Glossary (EN) Study Guide
Acceptable interruption window - Answer✔️✔️-The maximum period of time that a
system can be unavailable before compromising the achievement of the enterprise's
business objectives.
Acceptable use policy - Answer✔️✔️-A policy that establishes an agreement
between users and the enterprise and defines for all parties the ranges of use that
are approved before gaining access to a network or the Internet.
Access path - Answer✔️✔️-The logical route that an end user takes to access
computerized information.
Scope Note: Typically includes a route through the operating system,
telecommunications software, selected application software and the access control
system.
Access rights - Answer✔️✔️-The permission or privileges granted to users,
programs or workstations to create, change, delete or view data and files within a
system, as defined by rules established by data owners and the information security
policy.
,©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM
Accountability - Answer✔️✔️-The ability to map a given activity or event back to
the responsible party.
Administrative control - Answer✔️✔️-The rules, procedures and practices dealing
with operational effectiveness, efficiency and adherence to regulations and
management policies.
Adware - Answer✔️✔️-A software package that automatically plays, displays or
downloads advertising material to a computer after the software is installed on it or
while the application is being used.
Scope Note: In most cases, this is done without any notification to the user or
without the user's consent. The term adware may also refer to software that
displays advertisements, whether or not it does so with the user's consent; such
programs display advertisements as an alternative to shareware registration fees.
These are classified as adware in the sense of advertising supported software, but
not as spyware. Adware in this form does not operate surreptitiously or mislead the
user, and it provides the user with a specific service.
Alert situation - Answer✔️✔️-The point in an emergency procedure when the
elapsed time passes a threshold and the interruption is not resolved. The enterprise
entering into an alert situation initiates a series of escalation steps.
Alternate facilities - Answer✔️✔️-Locations and infrastructures from which
emergency or backup processes are executed, when the main premises are
unavailable or destroyed.
Scope Note: Includes other buildings, offices or data processing centers.
Alternate process - Answer✔️✔️-Automatic or manual process designed and
established to continue critical business processes from point-of-failure to
return-to-normal.
Antivirus software - Answer✔️✔️-An application software deployed at multiple
points in an IT architecture.
It is designed to detect and potentially eliminate virus code before damage is done
and repair or quarantine files that have already been infected.
Application controls - Answer✔️✔️-The policies, procedures and activities designed
to provide reasonable assurance that objectives relevant to a given automated
solution (application) are achieved.
Application layer - Answer✔️✔️-In the Open Systems Interconnection (OSI)
communications model, the application layer provides services for an application
program to ensure that effective communication with another application program
in a network is possible.
Scope Note: The application layer is not the application that is doing the
communication; it is a service layer that provides these services.
Application service provider (ASP) - Answer✔️✔️-Also known as managed service
provider (MSP), it deploys, hosts and manages access to a packaged application to
multiple parties from a centrally managed facility.
Scope Note: The applications are delivered over networks on a subscription basis.
Architecture - Answer✔️✔️-Description of the fundamental underlying design of the
components of the business system, or of one element of the business system (e.g.,