nerdexam
(ISC)2

CISSP-ISSEP · Question #149

You work as a systems engineer for BlueWell Inc. You want to protect and defend information and information systems by ensuring their availability, integrity, authentication, confidentiality, and non-

The correct answer is A. Information Assurance (IA). Information Assurance (IA) is the correct answer because it is specifically defined as the practice of protecting and defending information and information systems by ensuring the five pillars: availability, integrity, authentication, confidentiality, and non-repudiation (AIACN)

Risk Management

Question

You work as a systems engineer for BlueWell Inc. You want to protect and defend information and information systems by ensuring their availability, integrity, authentication, confidentiality, and non- repudiation. Which of the following processes will you use to accomplish the task?

Options

  • AInformation Assurance (IA)
  • BRisk Management
  • CRisk Analysis
  • DInformation Systems Security Engineering (ISSE)

How the community answered

(23 responses)
  • A
    96% (22)
  • B
    4% (1)

Explanation

Information Assurance (IA) is the correct answer because it is specifically defined as the practice of protecting and defending information and information systems by ensuring the five pillars: availability, integrity, authentication, confidentiality, and non-repudiation (AIACN) - which the question lists verbatim.

Why the distractors are wrong:

  • B. Risk Management is a broader process focused on identifying, assessing, and prioritizing risks and applying controls - it doesn't specifically map to those five pillars.
  • C. Risk Analysis is a subset of Risk Management dealing specifically with evaluating the likelihood and impact of threats - far too narrow.
  • D. ISSE is an engineering methodology for building security into systems during design; it's a process for building secure systems, not the overarching framework for protecting information by those five properties.

Memory tip: The five IA pillars spell "AIACN" - think "AI Acts Confidently, Not recklessly" - and whenever an exam question lists all five of those properties together, the answer is almost always Information Assurance.

Topics

#Information Assurance#Security Principles#CIA Triad#Non-repudiation

Community Discussion

No community discussion yet for this question.

Full CISSP-ISSEP Practice