2.2 - Describe the features of common frameworks for security architectures Flashcards
What is the ISO 9001 Deming cycle?
Plan-do-check-act (PDCA)

What is the first layer of SABSA?
Contextual: Business view, assets to be protected in context.
What is the second layer of SABSA?
Conceptual: Architect's view: High-level view of services to protect the assets.
What is the third layer of SABSA?
Logical: Designer's view: Node-level view of services and relationships.
What is the fourth layer of SABSA?
Physical: Builder's view: Detailed node-level view and how it is deployed with physical assets.
What is the fifth layer of SABSA?
Component: Tradesman/Technician’s view: Component view of individual security services.
What is the sixth layer of SABSA?
Operational: Facility Manager’s view: Security operations.
Name the 5 COBIT key principles
1. Meeting stakeholder needs 2. Covering the enterprise end to end 3. Applying a single integrated framework 4. Enabling a holistic approach 5. Separating governance from management

How many enterprise goals and IT-related goals does COBIT specify?
17 each
What is ITIL the de facto standard for?
IT Service Management
What are the main components of ITIL?
Service strategy, service design, service operation, service transition
Name the first COBIT process
Align, plan and organise

Name the second COBIT process
Build, acquire and implement

Name the third COBIT process
Deliver, service and support

Name the fourth COBIT process
Monitor, evaluate and assess

Name the fifth COBIT process
Evaluate, direct and monitor

Name the first enabler of COBIT
Principles, policies, frameworks

Name the second enabler of COBIT
Processes

Name the third enabler of COBIT
Organizational structures

Name the fourth enabler of COBIT
Culture, ethics and behaviour

Name the fifth enabler of COBIT
Information

What are the different views of TOGAF?
Business, Data architecture, application, technology
How is TOGAF architecture reviewed? A) Monthly B) Annually C) Continuously D) Never
C) Continuously
What is an enterprise?
An “enterprise” in this context is any collection of organizations that has a common set of goals and/or a single bottom line.


