OFFICIAL (ISC)² CISSP - DOMAIN 1:
SECURITY AND RISK MANAGEMENT
QUIZS AND ANSWERS WITH
SOLUTIONS 2024
Acceptable risk - ANSWER A suitable level of risk commensurate with the potential benefits of the
organization's operations as determined by senior management.
Audit/auditing - ANSWER The tools, processes, and activities used to perform compliance reviews.
Availability - ANSWER Ensuring timely and reliable access to and use of information by authorized users.
Business continuity (BC) - ANSWER Actions, processes, and tools for ensuring an organization can
continue critical operations during a contingency.
Business continuity and disaster recovery (BCDR) - ANSWER A term used to jointly describe business
continuity and disaster recovery efforts.
Business impact analysis (BIA) - ANSWER A list of the organization's assets, annotated to reflect the
criticality of each asset to the organization.
Compliance - ANSWER Adherence to a mandate; both the actions demonstrating adherence and the
tools, processes, and documentation that are used in adherence.
Confidentiality - ANSWER Preserving authorized restrictions on information access and disclosure,
including means for protecting personal privacy and proprietary information.
Data custodian - ANSWER The person/role within the organization who usually manages the data on a
day-to-day basis on behalf of the data owner/controller.
Data owner/controller - ANSWER An entity that collects or creates PII.
SECURITY AND RISK MANAGEMENT
QUIZS AND ANSWERS WITH
SOLUTIONS 2024
Acceptable risk - ANSWER A suitable level of risk commensurate with the potential benefits of the
organization's operations as determined by senior management.
Audit/auditing - ANSWER The tools, processes, and activities used to perform compliance reviews.
Availability - ANSWER Ensuring timely and reliable access to and use of information by authorized users.
Business continuity (BC) - ANSWER Actions, processes, and tools for ensuring an organization can
continue critical operations during a contingency.
Business continuity and disaster recovery (BCDR) - ANSWER A term used to jointly describe business
continuity and disaster recovery efforts.
Business impact analysis (BIA) - ANSWER A list of the organization's assets, annotated to reflect the
criticality of each asset to the organization.
Compliance - ANSWER Adherence to a mandate; both the actions demonstrating adherence and the
tools, processes, and documentation that are used in adherence.
Confidentiality - ANSWER Preserving authorized restrictions on information access and disclosure,
including means for protecting personal privacy and proprietary information.
Data custodian - ANSWER The person/role within the organization who usually manages the data on a
day-to-day basis on behalf of the data owner/controller.
Data owner/controller - ANSWER An entity that collects or creates PII.
