Written by students who passed Immediately available after payment Read online or as PDF Wrong document? Swap it for free 4.6 TrustPilot
logo-home
Exam (elaborations)

CISSP - DOMAIN 1: SECURITY AND RISK MANAGEMENT QUESTIONS AND ANSWERS WITH SOLUTIONS 2024

Rating
-
Sold
-
Pages
61
Grade
A+
Uploaded on
25-08-2024
Written in
2024/2025

CISSP - DOMAIN 1: SECURITY AND RISK MANAGEMENT QUESTIONS AND ANSWERS WITH SOLUTIONS 2024

Institution
Ccep
Course
Ccep

Content preview

CISSP - DOMAIN 1: SECURITY AND RISK
MANAGEMENT QUESTIONS AND
ANSWERS WITH SOLUTIONS 2024
Domain Objectives 1.1 Understand, adhere to, and promote professional ethics - ANSWER •(ISC)2 Code
of Professional Ethics

•Organizational code of ethics



(ISC)2 Code of Professional Ethics - ANSWER (ISC)2 states in its preamble to the actual code of ethics,
"The safety and welfare of society and the common good, duty to our principles, and to each other,
requires that we adhere, and be seen to adhere, to the highest ethical standards of behavior. Therefore,
strict adherence to this code is a condition of certification."



(ISC)2 Code of Professional Ethics - ANSWER The (ISC)2 code of ethics is a collection of requirements that
apply to how you act, interact with others (including employers), and make decisions as an information
security professional. The code is designed to "give assured reliance on the character, ability, strength, or
truth of a fellow (ISC)2 member, and it provides a high level of confidence when dealing with a peer
member.



(ISC)2 Code of Professional Ethics - 4 Canons - ANSWER The official four canons are as follows (ranked in
importance):

•Protect society, the commonwealth, and the infrastructure.

•Act honorably, honestly, justly, responsibly, and legally.

•Provide diligent and competent service to principals.

•Advance and protect the profession.



(ISC)2 Code of Professional Ethics - "Protect society, the commonwealth, and the infrastructure," -
ANSWER (ISC)2 expands to:

•Promote and preserve public trust and confidence in information and systems.

•Promote the understanding and acceptance of prudent information security measures.

•Preserve and strengthen the integrity of the public infrastructure.

•Discourage unsafe practices.

,(ISC)2 Code of Professional Ethics - "Act honorably, justly, responsibly and legally," - ANSWER refers to:

•Tell the truth; make all stakeholders aware of your actions on a timely basis.

•Observe all contracts and agreements, express or implied.

•Treat all members fairly. In resolving conflicts, consider public safety and duties to principals,
individuals, and the profession in that order.

•Give prudent advice; avoid raising unnecessary alarm or giving unwarranted comfort. Take care to be
truthful, objective, cautious, and within your competence.

•When resolving different laws in different jurisdictions, give preference to the laws of the jurisdiction in
which you render your service.



(ISC)2 Code of Professional Ethics - "Provide diligent and competent service to principals," - ANSWER
compels you to:

•Preserve the value of their systems, applications and information.

•Respect their trust and the privileges that they grant you.

•Avoid conflicts of interest or the appearance thereof.

•Render only those services for which you are fully competent and qualified.



(ISC)2 Code of Professional Ethics - "Advance and protect the profession," - ANSWER (ISC)2 offers this
guidance:

•Sponsor for professional advancement those best qualified. All other things equal, prefer those who are
certified and who adhere to these canons. Avoid professional association with those whose practices or
reputation might diminish the profession.

•Take care not to injure the reputation of other professionals through malice, or indifference.

•Maintain your competence; keep your skills and knowledge current. Give generously of your time and
knowledge in training others.



(ISC)2 Code of Professional Ethics - Compliance - ANSWER •Strict compliance with these ethics is
required to maintain your standing as a CISSP credential holder.

•If you are aware of a credentialed member breaking these canons, it is your responsibility to report
them to the ethics committee.



Organizational Code of Ethics - ANSWER •Policies, procedures and culture of doing the right things in the
face of difficult and often controversial issues.

,•Ethics topics that challenge organizations include but aren't limited to discrimination, social
responsibility and fiduciary issues.

•Positive Corporate Culture

•Consumer Confidence

•Reduced Financial Liabilities



Domain Objectives 1.2 Understand and apply security concepts - ANSWER •Confidentiality

•Integrity

•Availability

•Authenticity

•Nonrepudiation



CIA triad (Confidentiality, Integrity, Availability) - ANSWER CIA Triad The three essential security
principles of confidentiality, integrity, and availability.



Confidentiality - ANSWER The assurance that information is protected from unauthorized

disclosure and the defined level of secrecy is maintained throughout all subject-object.

interactions.



Other concepts, conditions, and aspects of confidentiality include sensitivity, discretion, criticality,
concealment, secrecy, privacy, seclusion, and isolation (Sybex, p. 181, 4th ed.)



Without confidentiality, integrity can not be maintained.



Compliance with all laws and regulations is mandatory and the CISSP exam allows for no wiggle room.



Threats to Confidentiality - ANSWER •Sniffing

•Stealing password files

•Social engineering

•Shoulder surfing

, •Eavesdropping

•Poor user training/awareness

•Disclosure



Countermeasures to Threats for Confidentiality - ANSWER •Encryption

•Traffic padding

•Access controls

•Authentication

•Data classification

•Personnel training

•Shielding



Integrity - ANSWER A state characterized by the assurance that modifications are not made by
unauthorized

users and authorized users do not make unauthorized modifications.



•Provides assurance of accuracy and reliability

•Ensures objects retain their veracity

•Modifications by authorized subjects only

•Detects alterations that have occurred

•In storage

•In transit

•In process



Threats to Integrity - ANSWER •Viruses

•Logic bombs

•Unauthorized access

•Coding errors

•Malicious modifications

Written for

Institution
Ccep
Course
Ccep

Document information

Uploaded on
August 25, 2024
Number of pages
61
Written in
2024/2025
Type
Exam (elaborations)
Contains
Questions & answers

Subjects

$11.49
Get access to the full document:

Wrong document? Swap it for free Within 14 days of purchase and before downloading, you can choose a different document. You can simply spend the amount again.
Written by students who passed
Immediately available after payment
Read online or as PDF


Also available in package deal

Thumbnail
Package deal
CERTIFIED COMPLIANCE AND ETHICS PROFESSIONAL PACKAGE DEAL QUESTIONS AND ANSWERS WITH VERIFIED SOLUTIONS UPDATED 2024
-
40 2024
$ 47.49 More info

Get to know the seller

Seller avatar
Reputation scores are based on the amount of documents a seller has sold for a fee and the reviews they have received for those documents. There are three levels: Bronze, Silver and Gold. The better the reputation, the more your can rely on the quality of the sellers work.
Performance Chamberlain College Of Nursing
View profile
Follow You need to be logged in order to follow users or courses
Sold
466
Member since
2 year
Number of followers
40
Documents
18352
Last sold
1 day ago

4.3

235 reviews

5
134
4
62
3
25
2
4
1
10

Why students choose Stuvia

Created by fellow students, verified by reviews

Quality you can trust: written by students who passed their tests and reviewed by others who've used these notes.

Didn't get what you expected? Choose another document

No worries! You can instantly pick a different document that better fits what you're looking for.

Pay as you like, start learning right away

No subscription, no commitments. Pay the way you're used to via credit card and download your PDF document instantly.

Student with book image

“Bought, downloaded, and aced it. It really can be that simple.”

Alisha Student

Working on your references?

Create accurate citations in APA, MLA and Harvard with our free citation generator.

Working on your references?

Frequently asked questions