1.
What is the formal acceptance of the adequacy of a system's overall security by management called?
2.
Which property ensures that only the intended recipient can access the data and nobody else?
3.
Making sure that the data has not been changed unintentionally, whether by accident or malice, is:
4.
Which of the following are the steps usually followed in the development of documents such as security policy, standards and procedures?
5.
What is the goal of the Maintenance phase in a common development process of a security policy?
6.
What is the difference between Advisory and Regulatory security policies?
7.
What is the main purpose of Corporate Security Policy?
8.
Which of the following is not a component of an Operations Security "triples"?
9.
When two or more separate entities (usually persons) operating in concert to protect sensitive functions or information must combine their knowledge to gain access to an asset, this is known as?
10.
First, you probably noticed that Separation of Duties and Segregation of Duties are synonymous with each other. This means they are not the BEST answers for sure. That was an easy first step.
For the exam remember:
Separation of Duties is synonymous with Segregation of Duties
Dual Control is synonymous with Split Knowledge
Reference(s) used for this question:
Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third Edition ((ISC)2 Press) (Kindle Locations 16048-16078). Auerbach Publications. Kindle Edition.
and
http://www.ciso.in/dual-control-or-segregation-of-duties/
Which of the following is NOT a proper component of Media Viability Controls?