Official (ISC)² CISSP - Domain 1: Security and Risk Management - my study guide questions with correct answers

Administrative Controls Correct Answer-Procedures implemented to define the roles, responsibilities, policies, and administrative functions needed to manage the control environment. Administrative law Correct Answer-Regulatory compliance. Administrative violations can result in monetary penalties, regulatory action, or imprisonment. An information security program Correct Answer-must be strategically aligned with business objectives. ALE Correct Answer-SLE (Single loss expectancy) * ARO (Annualized Rate of Occurrence) Annualized Rate of Occurrence (ARO) Correct Answer-An estimate of how often a threat will be successful in exploiting a vulnerability over the period of a year. Arms Export Control Act of 1976 Correct Answer-Authorizes the President to designate those items that shall be considered as defense articles and defense services and control their import and the export. Assurance Correct Answer-Level of confidence that controls work. Is an on going process. Assurance mechanisms include due diligence, inspection, assessment, and audit reports. AUP agreement Correct Answer-Rules for user data AV Correct Answer-Asset value in dollars