New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

ISC2 ISSEP Exam - Topic 1 Question 80 Discussion

Actual exam question for ISC2's ISSEP exam
Question #: 80
Topic #: 1
[All ISSEP Questions]

You work as a systems engineer for BlueWell Inc. You want to protect and defend information and

information systems by ensuring their availability, integrity, authentication, confidentiality, and non-

repudiation. Which of the following processes will you use to accomplish the task?

Show Suggested Answer Hide Answer
Suggested Answer: A

Information assurance (IA) is the process of organizing and monitoring information-related risks. It

ensures that only the approved users have

access to the approved information at the approved time. IA practitioners seek to protect and

defend information and information systems by

ensuring confidentiality, integrity, authentication, availability, and non-repudiation. These objectives

are applicable whether the information is

in storage, processing, or transit, and whether threatened by an attack.

Answer option D is incorrect. ISSE is a set of processes and solutions used during all phases of a

system's life cycle to meet the system's

information protection needs.

Answer option C is incorrect. Risk analysis is the science of risks and their probability and evaluation

in a business or a process. It is an

important factor in security enhancement and prevention in a system. Risk analysis should be

performed as part of the risk management

process for each project. The outcome of the risk analysis would be the creation or review of the risk

register to identify and quantify risk

elements to the project and their potential impact.

Answer option B is incorrect. Risk management is a set of processes that ensures a risk-based

approach is used to determine adequate, cost-

effective security for a system.


by Lashon at Feb 10, 2024, 05:54 AM

Limited Time Offer

25%

Off

Get Premium ISSEP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Terrilyn
3 months ago
Wait, can IA really handle all those aspects? Sounds too good to be true.
upvoted 0 times
...
Lavonna
3 months ago
Totally agree with IA, it covers all bases!
upvoted 0 times
...
Antione
3 months ago
Isn't ISSE more about building secure systems?
upvoted 0 times
...
Solange
4 months ago
I think Risk Management is more crucial here.
upvoted 0 times
...
Izetta
4 months ago
Gotta go with Information Assurance (IA) for that!
upvoted 0 times
...
Hannah
4 months ago
I’m leaning towards IA too, but I wonder if risk analysis plays a role in assessing how to achieve those security principles.
upvoted 0 times
...
Thea
4 months ago
I feel like Information Systems Security Engineering (ISSE) could also be relevant, but it might be more about the design and implementation of security measures rather than the overarching protection goals.
upvoted 0 times
...
Kenneth
4 months ago
I remember practicing a question about risk management, and it seemed more about identifying and mitigating risks rather than directly ensuring integrity and confidentiality.
upvoted 0 times
...
Ahmed
5 months ago
I think Information Assurance (IA) is the right choice since it focuses on protecting information systems, but I'm not entirely sure.
upvoted 0 times
...
Linsey
5 months ago
Information Assurance (IA) seems like the obvious choice here. It's all about protecting the core security properties of information systems. I feel good about selecting that option.
upvoted 0 times
...
Tiera
5 months ago
I'm a bit confused by the wording of this question. Can these processes be used interchangeably, or is there a specific one that's most appropriate? I'll have to review my notes to make sure I understand the distinctions.
upvoted 0 times
...
Annamaria
5 months ago
Hmm, this is a tricky one. I'm not sure if I fully understand the differences between all these security processes. I'll have to think it through carefully.
upvoted 0 times
...
Val
5 months ago
This looks like a straightforward question about information security processes. I'm pretty confident I can identify the correct answer.
upvoted 0 times
...
Shawnta
5 months ago
Okay, let's see. The key here is ensuring availability, integrity, authentication, confidentiality, and non-repudiation. I think Information Assurance (IA) is the best fit for that.
upvoted 0 times
...
Erasmo
5 months ago
Hmm, I think I know how to do this, but I want to double-check the steps. Let me re-read the explanation carefully to make sure I don't miss anything.
upvoted 0 times
...
Valene
5 months ago
This seems pretty straightforward. I'd go with inspecting the processes and the file hash. Those should give us a good starting point to evaluate the suspicious activity and determine the next steps.
upvoted 0 times
...
Felicia
5 months ago
Options C and D seem similar to practice questions we tackled, but I feel like assessing gaps in knowledge is more proactive than just giving them research on training.
upvoted 0 times
...
Bambi
5 months ago
I think I remember that both bash and ksh are definitely POSIX compliant.
upvoted 0 times
...
Carlee
2 years ago
Authentication is also crucial to ensure only authorized users can access the information.
upvoted 0 times
...
Delfina
2 years ago
That's a good point, access control is essential for protecting information systems.
upvoted 0 times
...
Lynelle
2 years ago
But don't forget about access control measures to ensure confidentiality.
upvoted 0 times
...
Phyliss
2 years ago
I agree with Delfina, encryption will help protect the information.
upvoted 0 times
...
Delfina
2 years ago
I think the process we should use is encryption.
upvoted 0 times
...

Save Cancel