Establishing Liability: Performing Ongoing Maintenance for Effective Operations



Question

When attempting to establish liability, which of the following would be described as performing the ongoing maintenance necessary to keep something in proper working order, updated, effective, or to abide by what is commonly expected in a situation?

Answers

Explanations


A. B. C. D.

A.

My friend JD Murray at Techexams.net has a nice definition of both; see his explanation below:

Oh, I hate these two. It's like describing the difference between "jealousy" and "envy." Kinda the same thing but not exactly.

Here it goes: Due diligence is performing reasonable examination and research before committing to a course of action.

Basically, "look before you leap." In law, you would perform due diligence by researching the terms of a contract before signing it.

The opposite of due diligence might be "haphazard" or "not doing your homework."

Due care is performing the ongoing maintenance necessary to keep something in proper working order, or to abide by what is commonly expected in a situation.

This is especially important if the due care situation exists because of a contract, regulation, or law.

The opposite of due care is "negligence."

In summary, Due Diligence is identifying threats and risks, while Due Care is acting upon findings to mitigate risks.

EXAM TIP: Due Diligence refers to the steps taken to identify risks that exist within the environment. This is based on best practices, standards such as ISO 27001, ISO 17799, and other consensus. The first letter of the word Due and the word Diligence should remind you of this. The two letters are DD = Do Detect.

In the case of due care, it is the actions that you have taken (implementing, designing, enforcing, updating) to reduce the risks identified and keep them at an acceptable level. The same applies here: the first letters of the word Due and the word Care are DC, which should remind you that DC = Do Correct.

The other answers are only distractors and not valid.

Reference(s) used for this question:

CONRAD, Eric, CISSP Study Guide, Syngress, Page 419.

HARRIS, Shon, All-In-One CISSP Certification Exam Guide, Fifth Edition, McGraw-Hill, Pages 49 and 110.

Corporate; (ISC)2 (2010-04-20), Official (ISC)2 Guide to the CISSP CBK, Second Edition ((ISC)2 Press) (Kindle Locations 11494-11504), Taylor & Francis, Kindle Edition.

My friend JD Murray at Techexams.net.

The answer to the question is A. Due care.

Due care refers to the ongoing maintenance necessary to keep something in proper working order, updated, effective, or to abide by what is commonly expected in a situation. It is an essential concept in the field of security, where it refers to the steps taken to protect sensitive information and systems from unauthorized access, use, disclosure, or destruction.

The term "due care" is often used interchangeably with "reasonable care." Both terms refer to the level of care that a prudent person would exercise in similar circumstances to avoid harming others or causing damage. In the context of security, due care involves implementing appropriate safeguards and controls to protect information and systems based on the sensitivity of the data and the risks associated with their loss or exposure.

Due concern, due diligence, and due practice are not synonymous with due care, although they are related concepts. Due concern refers to the attention and consideration given to a particular issue, while due diligence refers to the thoroughness and care taken in investigating or reviewing something. Due practice is not a commonly used term in the field of security and does not have a specific meaning related to liability or maintenance.

In summary, due care is the ongoing maintenance necessary to keep something in proper working order, updated, effective, or to abide by what is commonly expected in a situation. It is an essential concept in the field of security and refers to the steps taken to protect sensitive information and systems from unauthorized access, use, disclosure, or destruction.