S


Index



sags (voltage)
salvage teams
sampling
     attribute sampling 2nd
     variance sampling 2nd 3rd
SANs (storage area networks) 2nd
SANS Institute
SAS (Statement on Auditing Standards)
     SAS 70 2nd
     SAS 94 2nd
scanning
scheduling
     projects
SCM (supply chain management)
scorecards, balanced 2nd 3rd
SDLC (Software Development Life Cycle) 2nd 3rd
     Classic Life Cycle Model
     design 2nd 3rd
     development 2nd 3rd
     feasibility 2nd
     implementation 2nd 3rd
     Linear Sequential Model
     programming languages
     prototyping 2nd
     RAD (rapid application development) 2nd
     requirements definition 2nd 3rd
     Software Capability Maturity Model (CMM) 2nd
     Waterfall Method 2nd
SDLC (system development life cycle) 2nd 3rd
secret keys
Secure Sockets Layer (SSL)
security 2nd 3rd
     callback systems
     controls design, implementation, and monitoring 2nd 3rd
     defense-in-depth strategy
     denial-of-service attacks (DoS) 2nd
     design and implementation 2nd 3rd
         access standards
         auditing logical access 2nd
         data ownership
         formal security awareness and training 2nd
         logical access policies
         reviewing policies and procedures
         security administrators
     digital signatures 2nd 3rd
     distributed denial-of-service attacks (DDoS)
     encryption
         AES (Advanced Encryption Standard)
         algorithms
         asymmetric encryption 2nd 3rd
         Certificate Authorities (CAs) 2nd
         cryptography
         DES (Data Encryption Standard)
         digital certificates 2nd
         nonrepudiation
         private keys
         public key infrastructure (PKI) 2nd 3rd
         public keys 2nd 3rd
         symmetric encryption 2nd
         symmetric keys 2nd
     environmental security 2nd 3rd 4th 5th
         electromagnetic interference (EMI) 2nd
         fire-detection systems 2nd
         fire-suppression systems 2nd 3rd
         power failures 2nd
     exam prep questions 2nd 3rd 4th 5th
     firewalls 2nd 3rd 4th 5th 6th 7th
     intrusion methods 2nd
         active attacks 2nd
         passive attacks 2nd
         viruses 2nd
         worms
     intrusion-detection systems (IDS) 2nd
     logical access controls 2nd 3rd
         access
         access paths
         access-control matrices
         ACLs (access-control lists) 2nd
         authentication 2nd 3rd 4th
         authorization
         centralized/decentralized
         discretionary access
         identification 2nd 3rd 4th
         lattice-based access
         MACs (mandatory access controls) 2nd
         nondiscretionary access 2nd
         objects
         restricted interfaces
         role-based access
         rule-based access
         subjects
         task-based access
     monitoring, detection, and escalation processes 2nd
     network controls 2nd
     networks
         encryption 2nd 3rd 4th 5th 6th 7th
     physical controls 2nd 3rd 4th 5th
         biometric systems 2nd
     policies
     resources 2nd
     security risk
     single sign-on (SSO) systems
     social engineering
     SSL (Secure Sockets Layer)
     strategies and policies 2nd 3rd 4th 5th 6th 7th
         CIA triad
         data integrity risks 2nd
         logical controls 2nd 3rd
         physical controls 2nd
     testing
     testing and assessment tools 2nd 3rd 4th 5th 6th
     voice communications security 2nd
security administration
     segregation of duties
security administrators
security committees
     security management responsibilities
security department 2nd
security policies
security risk
security specialists/advisors
     security management responsibilities
security teams
segment PDU (protocol data unit) 2nd
segregation of duties 2nd
segregation of IT duties 2nd 3rd
segregation of duties
     IS roles and responsibilities 2nd 3rd
self-assessment
     Certified Information Systems Auditor candidate 2nd 3rd
     educational background 2nd
     exam readiness 2nd
     hands-on experience 2nd
sensitive functions
sequence checks
service-level agreements
service-level agreements (SLAs) 2nd
Session layer (OSI) 2nd 3rd
shared secret keys
signatures, digital 2nd 3rd
Simple Mail Transfer Protocol (SMTP)
simplex
single sign-on (SSO) systems
SLAs (service-level agreements) 2nd
SMEs (subject matter experts)
smoke detectors
SMTP (Simple Mail Transfer Protocol)
social engineering
software 2nd
     change control 2nd
     configuration management 2nd
     DBMS (database management systems) 2nd 3rd
     firmware
     middleware 2nd
     operating systems 2nd
     risks and controls 2nd
Software Capability Maturity Model (CMM) 2nd 3rd 4th
Software Development Life Cycle (SDLC) 2nd 3rd
     Classic Life Cycle Model
     design 2nd 3rd
     development 2nd 3rd
     feasibility 2nd
     implementation 2nd 3rd
     Linear Sequential Model
     programming languages
     prototyping 2nd
     RAD (rapid application development) 2nd
     requirements definition 2nd 3rd
     Software Capability Maturity Model (CMM) 2nd
     Waterfall Method 2nd
software teams
software. [See application systems]
spamming
spikes (voltage)
SSL (Secure Sockets Layer)
SSO (single sign-on) systems
standards
     ISACA IS Auditing Standards 2nd 3rd
         codification 2nd
         table of 2nd 3rd
star topology 2nd
stateful packet-inspection firewalls 2nd
Statement on Auditing Standards. [See SAS]
steering committees 2nd
steering committees (IT) 2nd
storage
     evaluating 2nd
     SANs (storage area networks) 2nd
     tape storage 2nd 3rd
storage area networks (SANs) 2nd
strategic planning 2nd 3rd 4th
strategies 2nd
     BCP (business continuity management) 2nd 3rd
     contract management 2nd
         confidentiality agreements
         contract audit objectives 2nd
         discovery agreements
         employee contracts
         noncompete agreements
         trade secret agreements
     DRP (disaster recovery planning) 2nd 3rd
     IS steering committees 2nd
     problem- and change management 2nd 3rd
     project management 2nd 3rd 4th
         project life cycle 2nd
         risk indicators 2nd
         system upgrade risks 2nd
     quality management 2nd 3rd 4th 5th
         accreditation
         certification
         ISO 9001 2nd
         ISO 9126 2nd
         QA (quality assurance)
         QC (quality control)
         Software Capability Maturity Model (CMM) 2nd
     risk-mitigation strategies
         third-party services 2nd 3rd
     security management 2nd 3rd 4th 5th 6th 7th
         CIA triad
         data integrity risks 2nd
         logical controls 2nd 3rd
         physical controls 2nd
     strategic planning 2nd
strategies. [See also policies, procedures]
strong authentication
structure (IS)
     evaluating 2nd 3rd 4th 5th
     outsourcing
         evaluating 2nd 3rd 4th 5th
         risk-mitigation strategies 2nd 3rd
         SLAs (service-level agreements)
         when to use
     segregation of duties 2nd 3rd
subject matter experts (SMEs)
subjects 2nd
substantive testing
supercomputers
supplies teams
supply chain management (SCM)
surges (voltage)
switches 2nd
symmetric encryption 2nd
symmetric keys 2nd
system development life cycle (SDLC) 2nd 3rd
system performance and monitoring processes 2nd
system testing
system upgrades
     risks 2nd
systems administrators
systems development
     segregation of duties
systems software 2nd
     change control 2nd
     configuration management 2nd
     DBMS (database management systems) 2nd 3rd
     firmware
     middleware 2nd
     operating systems 2nd
     risks and controls 2nd



Exam Cram 2. CISA
Cisa Exam Cram 2
ISBN: B001EEFNHG
EAN: N/A
Year: 2005
Pages: 146
