QUESTION: 1

Which of the following is NOT an accepted classification of security controls?

Nominative.
Preventive.
Detective.
Corrective.

Answer(s): A

QUESTION: 2

Which three of the following characteristics form the AAA Triad in Information Security?

1. Authentication
2. Availability
3. Accounting
4. Asymmetry
5. Authorisation

1, 2 and 3.
2, 4, and 5.
1, 3 and 4.
1, 3 and 5.

Answer(s): A

Explanation:

The AAA Triad in Information Security refers to the three characteristics of Authentication, Availability, and Accounting.

Reveal Solution Next Question

QUESTION: 3

According to ISO/IEC 27000, which of the following is the definition of a vulnerability?

A weakness of an asset or group of assets that can be exploited by one or more threats.
The impact of a cyber attack on an asset or group of assets.
The threat that an asset or group of assets may be damaged by an exploit.
The damage that has been caused by a weakness iin a system.

Answer(s): A

Explanation:

Vulnerability
A vulnerability is a weakness of an asset or control that could potentially be exploited by one or more threats. An asset is any tangible or intangible thing or characteristic that has value to an organization, a control is any administrative, managerial, technical, or legal method that can be used to modify or manage risk, and a threat is any potential event that could harm an organization or system.
https://www.praxiom.com/iso-27000-definitions.htm

Reveal Solution Next Question

QUESTION: 4

Which term describes the acknowledgement and acceptance of ownership of actions, decisions, policies and deliverables?

Accountability.
Responsibility.
Credibility.
Confidentiality.

Answer(s): A

Reference:

https://hr.nd.edu/assets/17442/behavior_model_4_ratings_3_.pdf

Reveal Solution Next Question

Free BCS CISMP-V9 Exam Braindumps (page: 12)

QUESTION: 1

QUESTION: 2

Explanation:

QUESTION: 3

Explanation:

QUESTION: 4

Reference:

CISMP-V9 Exam Discussions & Posts