ISACA CISM - Glossary (EN) Study Guide

©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM 1 ISACA CISM - Glossary (EN) Study Guide Acceptable interruption window - Answer️️ -The maximum period of time that a system can be unavailable before compromising the achievement of the enterprise's business objectives. Acceptable use policy - Answer️️ -A policy that establishes an agreement between users and the enterprise and defines for all parties' the ranges of use that are approved before gaining access to a network or the Internet. Access path - Answer️️ -The logical route that an end user takes to access computerized information. Scope Note: Typically includes a route through the operating system, telecommunications software, selected application software and the access control system. Access rights - Answer️️ -The permission or privileges granted to users, programs or workstations to create, change, delete or view data and files within a system, as defined by rules established by data owners and the information security policy. ©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM 2 Accountability - Answer️️ -The ability to map a given activity or event back to the responsible party. Administrative control - Answer️️ -The rules, procedures and practices dealing with operational effectiveness, efficiency and adherence to regulations and management policies. Adware - Answer️️ -A software package that automatically plays, displays or downloads advertising material to a computer after the software is installed on it or while the application is being used. Scope Note: In most cases, this is done without any notification to the user or without the user's consent. The term adware may also refer to software that displays advertisements, whether or not it does so with the user's consent; such programs display advertisements as an alternative to shareware registration fees. These are classified as adware in the sense of advertising supported software, but not as spyware. Adware in this form does not operate surreptitiously or mislead the user, and it provides the user with a specific service. ©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM 3 Alert situation - Answer️️ -The point in an emergency procedure when the elapsed time passes a threshold and the interruption is not resolved. The enterprise entering into an alert situation initiates a series of escalation steps. Alternate facilities - Answer️️ -Locations and infrastructures from which emergency or backup processes are executed, when the main premises are unavailable or destroyed. Scope Note: Includes other buildings, offices or data processing centers. Alternate process - Answer️️ -Automatic or manual process designed and established to continue critical business processes from point-of-failure to return- to- normal. Antivirus software - Answer️️ -An application software deployed at multiple points in an IT architecture. It is designed to detect and potentially eliminate virus code before damage is done and repair or quarantine files that have already been infected. ©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM 4 Application controls - Answer️️ -The policies, procedures and activities designed to provide reasonable assurance that objectives relevant to a given automated solution (application) are achieved. Application layer - Answer️️ -In the Open Systems Interconnection (OSI) communications model, the application layer provides services for an application program to ensure that effective communication with another application program in a network is possible. Scope Note: The application layer is not the application that is doing the communication; a service layer that provides these services. Application service provider (ASP) - Answer️️ -Also known as managed service provider (MSP), it deploys, hosts and manages access to a packaged application to multiple parties from a centrally managed facility. Scope Note: The applications are delivered over networks on a subscription basis. Architecture - Answer️️ -Description of the fundamental underlying design of the components of the business system, or of one element of the business system (e.g., ©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM 5 technology), the relationships among them, and the manner in which they support enterprise objectives. Benchmarking - Answer️️ -A systematic approach to comparing enterprise performance against peers and competitors in an effort to learn the best ways of conducting business. Scope Note: Examples include benchmarking of quality, logistic efficiency and various other metrics. Bit-stream image - Answer️️ -Bit-stream backups, also referred to as mirror image backups, involve the backup of all areas of a computer hard disk drive or other type of storage media. Scope Note: Such backups exactly replicate all sectors on a given storage device including all files and ambient data storage areas. Brute force attack - Answer️️ -Repeatedly trying all possible combinations of passwords or encryption keys until the correct one is found. Business case - Answer️️ -Documentation of the rationale for making a business investment, used both to support a business decision on whether