Free Preparation Discussions
MENU
ISC2 Exam ISSEP Topic 1 Question 80 Discussion
Topic #: 1
You work as a systems engineer for BlueWell Inc. You want to protect and defend information and
information systems by ensuring their availability, integrity, authentication, confidentiality, and non-
repudiation. Which of the following processes will you use to accomplish the task?
Information assurance (IA) is the process of organizing and monitoring information-related risks. It
ensures that only the approved users have
access to the approved information at the approved time. IA practitioners seek to protect and
defend information and information systems by
ensuring confidentiality, integrity, authentication, availability, and non-repudiation. These objectives
are applicable whether the information is
in storage, processing, or transit, and whether threatened by an attack.
Answer option D is incorrect. ISSE is a set of processes and solutions used during all phases of a
system's life cycle to meet the system's
information protection needs.
Answer option C is incorrect. Risk analysis is the science of risks and their probability and evaluation
in a business or a process. It is an
important factor in security enhancement and prevention in a system. Risk analysis should be
performed as part of the risk management
process for each project. The outcome of the risk analysis would be the creation or review of the risk
register to identify and quantify risk
elements to the project and their potential impact.
Answer option B is incorrect. Risk management is a set of processes that ensures a risk-based
approach is used to determine adequate, cost-
effective security for a system.
Currently there are no comments in this discussion, be the first to comment!