16 Cards in this Set

  • Front
  • Back
ISC2 was formed for which of the following purposes?
A) maintaining a Common Body of Knowledge for information security
B) certifying industry professionals and practitioners in an international IS standard
C) ensuring credentials are maintained primarily through continuing education
The information security Common Body of Knowledge is
a compilation and distillation of all security information collected internationally of relevance to information security professionals
The CBK contains:
10 domains
The Security Management Practices domain includes:
documented policies, standards, procedures, and guidelines
The Security Architecture and Models domain includes:
concepts and principles for secure designs of computing resources
The Access Control Systems and Methodology domain includes:
a collection of mechanisms to create secure architectures for asset protection
The Application Development Security domain includes:
an outline for the software development environment to address security concerns
The Operations Security domain includes:
identification of controls over hardware, media, and personnel
The Physical Security domain includes:
B) perimeter security controls and protection mechanisms
C) data center controls and specifications for physically secure operations
The Cryptography domain includes:
principles, means, and methods to disguise information to assure confidentiality, integrity, and authenticity
The Telecommunications, Network, and Internet Security domain includes:
A) technology, principles, and best practices to secure telephone networks
B) technology, principles, and best practices to secure corporate networks
C) technology, principles, and best practices to secure Internet-attached networks
The Business Continuity domain includes:
plans for recovering business operations in the event of loss of access by personnel
The Law, Investigations, and Ethics domain includes:
methods to investigate computer crime incidents
People more interested in certifying themselves as security experts in a business context should consider preparing for which certification?
CISA
People more interested in certifying themselves as security technical practitioners should consider preparing for which certification(s)?
GIAC and CompTIA Security+
The growth in the security profession is driven by:
new technology