ISACA Cybersecurity Exam Questions and Answers with complete solution

Acceptable Use policy - A policy that establishes an agreement between users and the enterprise and defines for all parties' the ranges of use that are approved before gaining access to a network or the Internet. Access control list (ACL) - An internal computerized table of access rules regarding the levels of computer access permitted to logon IDs and computer terminals. Scope Notes: Also referred to as access control tables. Access rights - The permission or privileges granted to users, programs or workstations to create, change, delete or view data and files within a system, as defined by rules established by data owners and the information security policy. Accountability - The ability to map a given activity or event back to the responsible party. Advanced Encryption Standard (AES) - A public algorithm that supports keys from 128 bits to 256 bits in size Advanced persistent threat (APT) - An adversary that possesses sophisticated levels of expertise and significant resources that allow it to create opportunities to achieve its objectives by using multiple attack vectors, including cyber, physical and deception. Typically, APT objectives include establishing and extending footholds within the IT infrastructure of the targeted organizations for purposes of exfiltrating information, or undermining or impeding critical aspects of a mission, program or organization; or positioning itself to carry out those objectives in the future. The advanced persistent threat pursues its objectives repeatedly, over an extended period, adapts to defenders' efforts to resist it and is determined to maintain the level of interaction that is needed to execute its objectives. Source: NIST SP 800-39 Adversary - A threat agent Adware - A software package that automatically plays, displays or downloads advertising material to a computer after the software is installed on it or while the application is being used. Scope Notes: In most cases, this is done without any notification to the user or without the user's consent. The termadware may also refer to software that displays advertisements, whether or not it does so with the user's consent; such programs display advertisements as an alternative to shareware registration fees. These are classified as adware in the sense of advertising supported software, but not as spyware. Adware in this form does not operate surreptitiously or mislead the user, and it provides the user with a specific service. Analog - A transmission signal that varies continuously in amplitude and time and is generated in wave formation. Scope Notes: Analog signals are used in telecommunications Antimalware - A widely used technology to prevent, detect and remove many categories of malware, including computer viruses, worms, Trojans, keyloggers, malicious browser plug-ins, adware and spyware