Exam CISMP-V9 Topic 1 Question 45 Discussion
Actual exam question for BCS's CISMP-V9 exam
Question #: 45
Topic #: 1
Which three of the following characteristics form the AAA Triad in Information Security?
1. Authentication
2. Availability
3. Accounting
4. Asymmetry
5. Authorisation
Suggested Answer: D
The AAA Triad in Information Security stands for Authentication, Authorization (also known as Authorisation), and Accounting. These three components are fundamental to ensuring that access to systems is controlled and monitored:
* Authentication is the process of verifying the identity of a user or entity. It ensures that individuals are who they claim to be. This can involve methods such as passwords, biometrics, or tokens.
* Authorization determines what an authenticated user is allowed to do. It involves granting or denying rights to access resources and perform actions within a system based on the user's identity.
* Accounting keeps track of user activities. This includes logging when users log in and out, what actions they perform, and what resources they access. It's essential for auditing purposes and can also be used for billing or analyzing resource usage.
These principles are designed to protect information by managing potential risks and controlling access to data. They are part of a broader framework that includes physical, technical, and procedural controls to safeguard information assets.
References: The explanation provided is based on standard definitions and practices within the field of Information Security Management, as outlined in resources like the BCS Foundation Certificate in Information Security Management Principles and corroborated by industry sources.
by Jerome at Jul 16, 2024, 03:00 AM