The **CISSP** is the most prestigious cybersecurity certification for leaders and experts. It validates a deep understanding of information security management, risk management, and security architecture. It is required for CISO or Security Architect roles.
Answer: To identify, assess, and reduce risk to an acceptable level for the organization.
The goal is not to eliminate all risk (which is impossible), but to manage it to protect organizational assets.
Answer: Confidentiality, Integrity, and Availability.
This is the foundation of any security strategy: preventing unauthorized access to data, ensuring data accuracy, and guaranteeing continuous access.
Answer: A method requiring two or more distinct types of identification (e.g., password + SMS code).
It relies on three factors: something you know, something you have, and something you are.
Answer: To technically manage data (storage, backup, access) according to the Data Owner's directives.
While the owner defines the rules, the custodian implements them technically.
Answer: BCP focuses on keeping business operations running, while DRP focuses on technical restoration of IT systems.
DRP is often considered a technical subset of the overall BCP.