ALL RIGHTS RESERVED.
Official (ISC)² CISSP - Domain 1: Security
and Risk Management Study Guide.
Administrative Controls - answer✔Procedures implemented to define the roles, responsibilities, policies, and administrative functions needed to manage the control environment.
Annualized Rate of Occurrence (ARO) - answer✔An estimate of how often a threat will be successful in exploiting a vulnerability over the period of a year.
Arms Export Control Act of 1976 - answer✔Authorizes the President to designate those items that shall be considered as defense articles and defense services and to control their import and export.
Availability - answer✔The principle that ensures that information is available and accessible to users when needed.
Breach - answer✔An incident that results in the disclosure or potential exposure of data.
Compensating Controls - answer✔Controls that substitute for the loss of primary controls and mitigate risk down to an acceptable level.
Compliance - answer✔Actions that ensure behavior that complies with established rules.
Confidentiality - answer✔Supports the principle of "least privilege" by providing that only authorized individuals, processes, or systems should have access to information on a need-to-know basis.
Copyright - answer✔Covers the expression of ideas rather than the ideas themselves; it usually protects artistic property such as writing, recordings, databases, and computer programs.
Corrective Controls - answer✔Controls implemented to remedy a circumstance, mitigate damage, or restore controls.
Data Disclosure - answer✔A breach for which it was confirmed that data was actually disclosed (not just exposed) to an unauthorized party.