13-2 Flashcards

1
Q

a framework that can be effective in providing a structure applicable to a diverse set of cyber security environments

A

Control Objectives for Information and Related Technologies.

2
Q

first released in 1996; published as ISO standard 17799:2005 in 2005; version 5 released in April 2012

A

COBIT

3
Q

the current version of COBIT has 5 components

A
framework
process descriptions
control objectives
management guidelines
maturity models
4
Q

this component of COBIT is one of the aspects of the standard that makes it relatively easy to integrate other standards. It is rather general and requires organizations to develop good practices related to the business.

A

framework

5
Q

this component requires the organization to clearly describe all business processes

A

process descriptions

6
Q

this component requires the organization to establish clear objectives for each security control

A

control objectives

7
Q

this component requires management to establish responsibility for achieving security goals and implement methods to measure the performance of security controls

A

management guidelines

8
Q

this component examines any process from the point of view of how developed that process is.

A

maturity models

9
Q

the common criteria for information security evaluation

A

ISO/IEC 15408

10
Q

systems and software engineering

A

ISO/IEC 25000

11
Q

information technology - security technology

A

ISO/IEC 27000

12
Q

risk management

A

ISO/IEC 27001

13
Q

accredited certification standard

A

ISO/IEC 27006

14
Q

this special publication describes common security principles that should be addressed within security policies

A

NIST SP 800-14

15
Q

the purpose of the NIST SP 800-14 is to describe 8 principles and 14 practices that can be used to develop security policies. The standard is based on 8 principles, which are:

A

computer security supports the mission
computer security is an integral element of sound management
computer security should be cost-effective
computer security responsibilities and accountability should be made explicit
computer security requires a comprehensive and integrated approach
computer security should be periodically reassessed
computer security is contained by societal factors
system owners have security responsibilities outside their own organization
