Your Ultimate Guide to Mastering the (ISC)² Certified in Cybersecurity Exam: Strategies for Success. Top Rated Exam Study Guide Latest Updated Exam Study Guide 2025/2026.
Typology: Exams
Document specific requirements that a customer has about any aspect of a vendor's service performance. A) DLR B) Contract C) SLR D) NDA - ANS: C) SLR (Service-Level Requirements)
_________ identifies and triages risks. - ANS: Risk Assessment
_________ are external forces that jeopardize security. - ANS: Threats
_________ are methods used by attackers. - ANS: Threat Vectors
_________ are the combination of a threat and a vulnerability. - ANS: Risks
We rank risks by _________ and _________. - ANS: Likelihood and impact
_________ use subjective ratings to evaluate risk likelihood and impact. - ANS: Qualitative Risk Assessment
_________ use objective numeric ratings to evaluate risk likelihood and impact. - ANS: Quantitative Risk Assessment
_________ analyzes and implements possible responses to control risk. - ANS: Risk Treatment
_________ changes business practices to make a risk irrelevant. - ANS: Risk Avoidance
_________ reduces the likelihood or impact of a risk. - ANS: Risk Mitigation
An organization's _________ is the set of risks that it faces. - ANS: Risk Profile
_________ is the initial risk of an organization. - ANS: Inherent Risk
_________ is the risk that remains in an organization after controls. - ANS: Residual Risk
_________ is the level of risk an organization is willing to accept. - ANS: Risk Tolerance
_________ reduce the likelihood or impact of a risk and help identify issues. - ANS: Security Controls
_________ stop a security issue from occurring. - ANS: Preventive Control
_________ identify security issues requiring investigation. - ANS: Detective Control
_________ remediate security issues that have occurred. - ANS: Recovery Control
Hardening == Preventative - ANS: Virus == Detective; Backups == Recovery
For exam: Logical and Technical Controls are the same.
_________ use technology to achieve control objectives. - ANS: Technical Controls
_________ use processes to achieve control objectives. - ANS: Administrative Controls
_________ impact the physical world. - ANS: Physical Controls
_________ tracks specific device settings. - ANS: Configuration Management
_________ provide a configuration snapshot. - ANS: Baselines (track changes)
_________ assigns numbers to each version. - ANS: Versioning
_________ serve as important configuration artifacts. - ANS: Diagrams
_________ and _________ help ensure a stable operating environment. - ANS: Change and Configuration Management
Purchasing an insurance policy is an example of which risk management strategy? - ANS: Risk Transference
What two factors are used to evaluate a risk? - ANS: Likelihood and Impact
What term best describes making a snapshot of a system or application at a point in time for later comparison? - ANS: Baselining
What type of security control is designed to stop a security issue from occurring in the first place? - ANS: Preventive
What term describes risks that originate inside the organization? - ANS: Internal
What four items belong to the security policy framework? - ANS: Policies, Standards, Guidelines, Procedures
_________ describe an organization's security expectations. - ANS: Policies (mandatory and approved at the highest level of an organization)
_________ describe specific security controls and are often derived from policies. - ANS: Standards (mandatory)
_________ describe best practices. - ANS: Guidelines (recommendations/advice; compliance is not mandatory)
_________ are step-by-step instructions. - ANS: Procedures (not mandatory)
_________ describe authorized uses of technology. - ANS: Acceptable Use Policies (AUP)
_________ describe how to protect sensitive information. - ANS: Data Handling Policies
_________ cover password security practices. - ANS: Password Policies
_________ cover use of personal devices with company information. - ANS: Bring Your Own Device (BYOD) Policies
_________ cover the use of personally identifiable information. - ANS: Privacy Policies
_________ cover the documentation, approval, and rollback of technology changes. - ANS: Change Management Policies
Which element of the security policy framework includes suggestions that are not mandatory? - ANS: Guidelines
What law applies to the use of personal information belonging to European Union residents?
Joe performs full backups every Sunday evening and incremental backups every weekday evening. His system fails on Friday morning. What backups does he restore? - ANS: Sunday's FULL backup (to establish a base), then the Monday, Tuesday, Wednesday, and Thursday incremental backups
_________ provide alternate data processing. - ANS: Disaster Recovery Sites
Disaster Recovery Facility Sites: - ANS: Hot Site, Cold Site, Warm Site
_________ are fully operational data centers stocked with equipment and data and are available at a moment's notice. Very expensive. - ANS: Hot Site
_________ are empty data centers stocked with core equipment, network, and environmental controls but do not have servers. Relatively inexpensive but can take weeks or even months to become operational. - ANS: Cold Site
_________ are stocked with all necessary equipment and data but are not maintained in a parallel fashion. Similar in expense to hot sites and can become operational in hours or days. - ANS: Warm Site
_________ is geographically distant, offers site resiliency, requires manual transfer or site replication through SAN or VM, and provides online or offline backups. - ANS: Offsite Storage
Disaster Recovery Testing Goals: - ANS: Validate that the plan functions correctly; identify necessary plan updates
Disaster Recovery Test types: - ANS: Read-through, Walk-through, Simulation, Parallel Test, Full interruption test
_________ ask each team member to review their role in the disaster recovery process and provide feedback. - ANS: Read-throughs
_________ gather the team together for a formal review of the disaster recovery plan. - ANS: Walk-throughs (aka Tabletop exercise)
_________ use a practice scenario to test the disaster recovery plan. - ANS: Simulations
_________ activate the disaster recovery environment but do not switch operations there. - ANS: Parallel tests
_________ switch primary operations to the alternate environment and can be very disruptive to business. - ANS: Full Interruption tests
Which type of backup includes only those files that have changed since the most recent full or incremental backup? - ANS: Incremental (Revisit)
What disaster recovery metric provides the targeted amount of time to restore a service after a failure? - ANS: RTO (Revisit)
Which disaster recovery tests involve the actual activation of the DR site? - ANS: Parallel
What type of disaster recovery site is able to be activated most quickly in the event of a disruption? - ANS: Hot site
Within the organization, who can identify risk? (D1, L1.2.2) A) The security manager B) Any security team member C) Senior management D) Anyone - ANS: D) Anyone
Glen is an (ISC)² member. Glen receives an email from a company offering a set of answers for an (ISC)² certification exam. What should Glen do? (D1, L1.5.1) A) Nothing B) Inform (ISC)² C) Inform law enforcement D) Inform Glen's employer - ANS: B) Inform (ISC)²
A system that collects transactional information and stores it in a record in order to show which users performed which actions is an example of providing ________. (D1, L1.1.1) A) Non-repudiation B) Multifactor authentication C) Biometrics D) Privacy - ANS: A) Non-repudiation
In risk management concepts, a(n) ___________ is something or someone that poses risk to an organization or asset. (D1, L1.2.1) A) Fear B) Threat C) Control D) Asset - ANS: B) Threat
A software firewall is an application that runs on a device and prevents specific types of traffic from entering that device. This is a type of ________ control. (D1, L1.3.1) A) Physical B) Administrative C) Passive D) Technical - ANS: D) Technical
Tina is an (ISC)² member and is invited to join an online group of IT security enthusiasts. After attending a few online sessions, Tina learns that some participants in the group are sharing malware with each other, in order to use it against other organizations online. What should Tina do? (D1, L1.5.1) A) Nothing B) Stop participating in the group C) Report the group to law enforcement D) Report the group to (ISC)² - ANS: B) Stop participating in the group
The city of Grampon wants to ensure that all of its citizens are protected from malware, so the city council creates a rule that anyone caught creating and launching malware within the city limits will receive a fine and go to jail. What kind of rule is this? (D1, L1.4.1)
The Triffid Corporation publishes a policy that states all personnel will act in a manner that protects health and human safety. The security office is tasked with writing a detailed set of processes on how employees should wear protective gear such as hardhats and gloves when in hazardous areas. This detailed set of processes is a _________. (D1, L1.4.1) A) Policy B) Procedure C) Standard D) Law - ANS: B) Procedure
The senior leadership of Triffid Corporation decides that the best way to minimize liability for the company is to demonstrate the company's commitment to adopting best practices recognized throughout the industry. Triffid management issues a document that explains that Triffid will follow the best practices published by SANS, an industry body that addresses computer and information security. The Triffid document is a ______, and the SANS documents are ________. (D1, L1.4.2) A) Law, policy B) Policy, standard C) Policy, law D) Procedure, procedure - ANS: B) Policy, standard
Zarma is an (ISC)² member and a security analyst for Triffid Corporation. One of Zarma's colleagues is interested in getting an (ISC)² certification and asks Zarma what the test questions are like. What should Zarma do? (D1, L1.5.1) A) Inform (ISC)² B) Explain the style and format of the questions, but no detail C) Inform the colleague's supervisor D) Nothing - ANS: B) Explain the style and format of the questions, but no detail
Of the following, which would probably not be considered a threat? (D1, L1.2.1) A) Natural disaster B) Unintentional damage to the system caused by a user C) A laptop with sensitive data on it D) An external attacker trying to gain unauthorized access to the environment - ANS: C) A laptop with sensitive data on it
Siobhan is an (ISC)² member who works for Triffid Corporation as a security analyst. Yesterday, Siobhan got a parking ticket while shopping after work. What should Siobhan do? (D1, L1.5.1) A) Inform (ISC)² B) Pay the parking ticket C) Inform supervisors at Triffid D) Resign employment from Triffid - ANS: B) Pay the parking ticket
Which of the following is an example of a "something you are" authentication factor? (D1, L1.1.1) A) A credit card presented to a cash machine B) Your password and PIN C) A user ID D) A photograph of your face - ANS: D) A photograph of your face
For which of the following systems would the security concept of availability probably be most important? (D1, L1.1.1) A) Medical systems that store patient data B) Retail records of past transactions C) Online streaming of camera feeds that display historical works of art in museums around the world D) Medical systems that monitor patient condition in an intensive care unit - ANS: D) Medical systems that monitor patient condition in an intensive care unit
In risk management concepts, a(n) _________ is something a security practitioner might need to protect. (D1, L1.2.1) A) Vulnerability B) Asset C) Threat D) Likelihood - ANS: B) Asset
Triffid Corporation has a policy that all employees must receive security awareness instruction before using email; the company wants to make employees aware of potential phishing attempts that the employees might receive via email. What kind of control is this instruction? (D1, L1.3.1) A) Administrative B) Finite C) Physical D) Technical - ANS: A) Administrative
What is the overall objective of a disaster recovery (DR) effort? (D2, L2.3.1) A) Save money B) Return to normal, full operations C) Preserve critical business functions during a disaster D) Enhance public perception of the organization - ANS: B) Return to normal, full operations
True or False? Business continuity planning is a reactive procedure that restores business operations after a disruption occurs. A) True
cameras monitor the hallways. Sensitive data and media are kept in safes when not in use. (D3, L3.1.1) A) Two-person integrity B) Segregation of duties C) Defense in depth D) Penetration testing - ANS: C) Defense in depth
Tekila works for a government agency. All data in the agency is assigned a particular sensitivity level, called a "classification." Every person in the agency is assigned a "clearance" level, which determines the classification of data each person can access. What is the access control model being implemented in Tekila's agency? (D3, L3.3.1) A) MAC (mandatory access control) B) DAC (discretionary access control) C) RBAC (role-based access control) D) FAC (formal access control) - ANS: A) MAC (mandatory access control)
Prachi works as a database administrator for Triffid, Inc. Prachi is allowed to add or delete users, but is not allowed to read or modify the data in the database itself. When Prachi logs onto the system, an access control list (ACL) checks to determine which permissions Prachi has. Which security concept is being applied in this situation? (D3, L3.1.1) A) Defense in depth B) Layered defense C) Two-person integrity D) Least privilege - ANS: D) Least privilege
Network traffic originating from outside the organization might be admitted to the internal IT environment or blocked at the perimeter by a ________. (D3, L3.2.1) A) Turnstile B) Fence C) Vacuum D) Firewall - ANS: D) Firewall
What is the most critical element of an organization's security program? - ANS: People
What is the primary purpose of a security policy? - ANS: To provide guidance and direction for the organization's security program.
What is the role of a security manager? - ANS: To plan, implement, and manage an organization's security program.
What is a vulnerability assessment? - ANS: A process of identifying, quantifying, and prioritizing security weaknesses in an organization's systems, applications, and networks.
What is the difference between a vulnerability assessment and a penetration test? - ANS: A vulnerability assessment is a non-intrusive evaluation of an organization's security posture, while a penetration test is an intrusive evaluation that attempts to exploit identified vulnerabilities.
What is the CIA triad? - ANS: Confidentiality, Integrity, and Availability.
What is the difference between confidentiality and privacy? - ANS: Confidentiality refers to the protection of sensitive information from unauthorized access, while privacy refers to an individual's right to control their personal information.
What is the principle of least privilege? - ANS: The principle that users and processes should only be given the minimum level of access necessary to perform their duties.
What is a firewall? - ANS: A network security device that monitors and controls incoming and outgoing traffic based on a set of rules.
What is a DMZ? - ANS: A demilitarized zone, a network segment that is isolated from the internal network and is used to host servers that are accessible from the internet.
What is encryption? - ANS: The process of converting plain text into an unreadable format to protect the confidentiality of the data.
What is a digital signature? - ANS: An electronic method of verifying the authenticity and integrity of a message or document.
What is a certificate authority? - ANS: An organization that issues digital certificates that can be used to verify the identity of individuals, systems, or organizations.
What is a secure socket layer (SSL)? - ANS: A protocol that provides secure communication over the internet by encrypting data between web servers and web browsers.
What is a virtual private network (VPN)? - ANS: A technology that creates a secure and encrypted connection between two networks over the internet.
What is multi-factor authentication? - ANS: A security mechanism that requires users to provide more than one form of authentication, such as a password and a fingerprint, to gain access to a system.
What is a denial of service (DoS) attack? - ANS: An attack that attempts to make a server, network, or website unavailable by overwhelming it with traffic or requests.
What is social engineering? - ANS: The use of deception to manipulate individuals into divulging confidential information or performing actions that may not be in their best interest.
What is malware? - ANS: Software that is designed to cause harm or damage to a computer system, network, or data.
What is a phishing attack? - ANS: An attack that attempts to trick individuals into revealing sensitive information, such as passwords or credit card numbers, by posing as a trustworthy entity.
What is a man-in-the-middle (MitM) attack? - ANS: An attack that intercepts communication between two parties to eavesdrop on or modify the data being exchanged.
What is a rootkit? - ANS: Software that is designed to hide its presence on a system, allowing an attacker to gain unauthorized access and control.
What is a honeypot? - ANS: A decoy system that is designed to attract and detect unauthorized access attempts.
What is a secure coding practice? - ANS: A set of coding techniques and best practices that are designed to reduce the likelihood of security vulnerabilities in software.
What is the difference between a vulnerability disclosure program and a bug bounty program? - ANS: A vulnerability disclosure program is a formal process for reporting and addressing security vulnerabilities, while a bug bounty program is a program that rewards individuals for reporting vulnerabilities.
What is a security clearance? - ANS: A level of authorization granted to an individual that allows them access to sensitive or classified information.
What is a secure development lifecycle (SDLC)? - ANS: A process for developing software that integrates security into every stage of the development process.
What is a threat actor? - ANS: An individual or group that initiates a security threat, such as an attacker or hacker.
What is a zero-day vulnerability? - ANS: A vulnerability that is unknown to the software vendor and for which no patch or fix has been released.
What is a security incident response team (SIRT)? - ANS: A team responsible for responding to security incidents and managing the organization's incident response plan.
What is the difference between a security incident and a security event? - ANS: A security event is any observable occurrence that has the potential to affect the security of an organization's systems or data, while a security incident is an event that has been confirmed as a security breach or compromise.
What is a security token? - ANS: A physical or digital device that is used to authenticate a user's identity for access to a system or application.
What is a security information exchange (SIE)? - ANS: A network that allows organizations to share security information and threat intelligence.
What is a security posture? - ANS: The overall level of security of an organization's systems, data, and operations.
What is a security control objective? - ANS: A specific goal or requirement that a security control is designed to achieve.
What is a risk management framework? - ANS: A structured approach to identifying, analyzing, and mitigating risks to an organization's systems and data.
What is a business continuity plan? - ANS: A documented plan that outlines the steps to be taken to maintain critical business operations in the event of a disruption or disaster.
What is a disaster recovery plan? - ANS: A documented plan that outlines the steps to be taken to restore systems and data after a disruption or disaster.
What is a security incident report? - ANS: A document that summarizes the details of a security incident, including the cause, impact, and response.
What is a security risk assessment report? - ANS: A document that summarizes the findings of a security risk assessment, including identified vulnerabilities and recommended security controls.
What is a security operations center (SOC)? - ANS: A centralized team responsible for monitoring and responding to security incidents and events.
What is a security clearance investigation? - ANS: An investigation into an individual's background, character, and loyalty to determine their eligibility for a security clearance.
What is a security baseline configuration? - ANS: A standardized configuration for an organization's systems and applications that meets minimum security requirements.
What is a security incident response playbook? - ANS: A documented plan that outlines the specific steps to be taken in response to different types of security incidents.
What is a security key management system? - ANS: A system used to generate, distribute, and manage encryption keys.
What is a security governance framework? - ANS: A framework that outlines the policies, procedures, and processes for managing an organization's security program.
What is a security key exchange protocol? - ANS: A protocol used to exchange encryption keys securely between two parties.
What is a security information exchange format (STIX)? - ANS: A standard format for exchanging security information and threat intelligence.
What is a security content automation protocol (SCAP)? - ANS: A standardized approach to assessing and managing security vulnerabilities and configurations.
What is a security information management (SIM) system? - ANS: A system that collects, analyzes, and reports on security events and incidents.
What is a security event correlation system? - ANS: A system that analyzes security events from multiple sources to identify potential security threats.
What is a security access management (SAM) system? - ANS: A system that manages user access to an organization's systems and data.
What is a security audit trail? - ANS: A log of security events and actions that can be used to track and investigate security incidents.
What is a security exception management process? - ANS: A process for reviewing and approving exceptions to an organization's security policies and procedures.
What is a security incident response communication plan? - ANS: A plan that outlines how communication will be handled during a security incident, including who will be notified, what information will be shared, and how communication will be managed.
What is a security vulnerability management program? - ANS: A program that identifies, prioritizes, and addresses security vulnerabilities in an organization's systems and applications.
What is a security breach notification law? - ANS: A law that requires organizations to notify individuals of a security breach that may have compromised their personal information.
What is a security token service (STS)? - ANS: A service that issues and manages security tokens used for authentication and authorization.
What is a security content repository? - ANS: A database or storage system that contains security-related information and documentation.
What is a security incident management process? - ANS: A process for managing security incidents from identification through resolution and reporting.
What is security control validation? - ANS: The process of testing and verifying the effectiveness of an organization's security controls.
What is security incident response playbook testing? - ANS: The process of testing an organization's security incident response playbook to ensure it is effective and efficient.
What is a security maturity model? - ANS: A model that provides a framework for assessing an organization's security maturity and identifying areas for improvement.
What is a security culture? - ANS: The collective beliefs, attitudes, and behaviors of an organization's employees towards security.
What is a security governance committee? - ANS: A committee responsible for overseeing an organization's security program and ensuring it aligns with business objectives.
What is a security risk management plan? - ANS: A plan that outlines the steps to be taken to identify, assess, and mitigate security risks to an organization's systems and data.
What is a security policy lifecycle? - ANS: The process of developing, implementing, reviewing, and updating an organization's security policies and procedures.
A computer responsible for hosting applications to user workstations. NIST SP 800-82 Rev.
A technique of erasing data on disk or tape (including video tapes) that, when performed properly, ensures that there is insufficient magnetic remanence to reconstruct data. - ANS: Degaussing
The result of a cryptographic transformation of data which, when properly implemented, provides the services of origin authentication, data integrity, and signer non-repudiation. NIST SP 800-12 Rev. 1 - ANS: Digital Signature
Monitoring of outgoing network traffic. - ANS: Egress Monitoring
The process and act of converting the message from its plaintext to ciphertext. Sometimes it is also referred to as enciphering. The two terms are sometimes used interchangeably in literature and have similar meanings. - ANS: Encryption
The total set of algorithms, processes, hardware, software, and procedures that taken together provide an encryption and decryption capability. - ANS: Encryption System
A reference to the process of applying secure configurations (to reduce the attack surface) and locking down various hardware, communications systems, and software, including operating system, web server, application server, application, etc. Hardening is normally performed based on industry guidelines and benchmarks, such as those provided by the Center for Internet Security (CIS). - ANS: Hardening
An algorithm that computes a numerical value (called the hash value) on a data file or electronic message that is used to represent that file or message and depends on the entire contents of the file or message. A hash function can be considered to be a fingerprint of the file or message. NIST SP 800-152 - ANS: Hash Function
The process of using a mathematical algorithm against data to produce a numeric value that is representative of that data. Source: CNSSI 4009-2015 - ANS: Hashing
The requirements for information sharing by an IT system with one or more other IT systems or applications, for information sharing to support multiple internal or external organizations, missions, or public programs. NIST SP 800-16 - ANS: Information Sharing
Monitoring of incoming network traffic. - ANS: Ingress Monitoring
A digital signature that uniquely identifies data and has the property such that changing a single bit in the data will cause a completely different message digest to be generated. NISTIR-8011 Vol. 3 - ANS: Message Digest
The software "master control application" that runs the computer. It is the first program loaded when the computer is turned on, and its main component, the kernel, resides in memory at all times. The operating system sets the standards for all application programs (such as the Web server) that run in the computer. The applications communicate with the operating system for most user interface and file management operations. NIST SP 800-44 Version 2 - ANS: Operating System
A software component that, when installed, directly modifies files or device settings related to a different software component without changing the version number or release details for the related software component. Source: ISO/IEC 19770-2 - ANS: Patch
The systematic notification, identification, deployment, installation and verification of operating system and application software code revisions. These revisions are known as patches, hot fixes, and service packs. Source: CNSSI 4009 - ANS: Patch Management
security requirements, policy and compliance considerations). It may be owned, managed and operated by one or more of the organizations in the community, a third party or some combination of them, and it may exist on or off premises. NIST 800-145 - ANS: Community cloud
The opposite process of encapsulation, in which bundles of data are unpacked or revealed. - ANS: De-encapsulation
The prevention of authorized access to resources or the delaying of time-critical operations. (Time-critical may be milliseconds or it may be hours, depending upon the service provided.) Source: NIST SP 800-27 Rev A - ANS: Denial-of-Service (DoS)
This acronym can be applied to three interrelated elements: a service, a physical server and a network protocol. - ANS: Domain Name Service (DNS)
Enforcement of data hiding and code hiding during all phases of software development and operational use. Bundling together data and methods is the process of encapsulation; its opposite process may be called unpacking, revealing, or using other terms. Also used to refer to taking any set of data and packaging it or hiding it in another data structure, as is common in network protocols and encryption. - ANS: Encapsulation
The process and act of converting the message from its plaintext to ciphertext. Sometimes it is also referred to as enciphering. The two terms are sometimes used interchangeably in literature and have similar meanings. - ANS: Encryption
The internet protocol (and program) used to transfer files between hosts. - ANS: File Transfer Protocol (FTP)
In a fragment attack, an attacker fragments traffic in such a way that a system is unable to put data packets back together. - ANS: Fragment attack
The physical parts of a computer and related devices. - ANS: Hardware
A combination of public cloud storage and private cloud storage where some critical data resides in the enterprise's private cloud while other data is stored and accessible from a public cloud storage provider. - ANS: Hybrid cloud
The provider of the core computing, storage and network hardware and software that is the foundation upon which organizations can build and then deploy applications. IaaS is popular in the data center where software and servers are purchased as a fully outsourced service and usually billed on usage and how much of the resource is used. - ANS: Infrastructure as a Service (IaaS)
An IP network protocol standardized by the Internet Engineering Task Force (IETF) through RFC 792 to determine if a particular service or host is available. - ANS: Internet Control Message Protocol (ICMP)
Standard protocol for transmission of data from source to destinations in packet-switched communications networks and interconnected systems of such networks. CNSSI 4009-2015 - ANS: Internet Protocol (IPv4)
An attack where the adversary positions himself in between the user and the system so that he can intercept and alter data traveling between them. Source: NISTIR 7711 - ANS: Man-in-the-Middle
Part of a zero-trust strategy that breaks LANs into very small, highly localized zones using firewalls or similar technologies. At the limit, this places a firewall at every connection point. - ANS: Microsegmentation
Purposely sending a network packet that is larger than expected or larger than can be handled by the receiving system, causing the receiving system to fail unexpectedly. - ANS: Oversized Packet Attack
Representation of data at Layer 3 of the Open Systems Interconnection (OSI) model. - ANS: Packet
The primary action of a malicious code attack. - ANS: Payload
An information security standard administered by the Payment Card Industry Security Standards Council that applies to merchants and service providers who process credit or debit card transactions. - ANS: Payment Card Industry Data Security Standard (PCI DSS)
The web-authoring or application development middleware environment that allows applications to be built in the cloud before they're deployed as SaaS assets. - ANS: Platform as a Service (PaaS)
The phrase used to describe a cloud computing platform that is implemented within the corporate firewall, under the control of the IT department. A private cloud is designed to offer the same features and benefits of cloud systems, but removes a number of objections to the cloud computing model, including control over enterprise and customer data, worries about security, and issues connected to regulatory compliance. - ANS: Private cloud
A set of rules (formats and procedures) to implement and control some type of association (that is, communication) between systems. NIST SP 800-82 Rev. 2 - ANS: Protocols
The cloud infrastructure is provisioned for open use by the general public. It may be owned, managed, and operated by a business, academic, or government organization, or some combination of them. It exists on the premises of the cloud provider. NIST SP 800-145 - ANS: Public cloud
The standard communication protocol for sending and receiving emails between senders and receivers. - ANS: Simple Mail Transport Protocol (SMTP)
Computer programs and associated data that may be dynamically written or modified during execution. NIST SP 800-37 Rev. 2 - ANS: Software
The cloud customer uses the cloud provider's applications running within a cloud infrastructure. The applications are accessible from various client devices through either a thin client interface, such as a web browser, or a program interface. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, storage, or even individual application capabilities, with the possible exception of limited user-specific application configuration settings. Derived from NIST 800-145 - ANS: Software as a Service (SaaS)
Faking the sending address of a transmission to gain illegal entry into a secure system. CNSSI 4009-2015 - ANS: Spoofing
Internetworking protocol model created by the IETF, which specifies four layers of functionality: Link layer (physical communications), Internet Layer (network-to-network communication), Transport Layer (basic channels for connections and connectionless exchange of data between hosts), and Application Layer, where other protocols and user