2.2 - Describe the features of common frameworks for security architectures Flashcards

1
Q

What is the ISO 9001 Deming cycle?

A

Plan-do-check-act (PDCA)

2
Q

What is the first layer of SABSA?

A

Contextual: Business view, assets to be protected in context.

3
Q

What is the second layer of SABSA?

A

Conceptual: Architect’s view: High-level view of services to protect the assets.

4
Q

What is the third layer of SABSA?

A

Logical: Designer’s view: Node-level view of services and relationships.

5
Q

What is the fourth layer of SABSA?

A

Physical: Builder’s view: Detailed node-level view and how it is deployed with physical assets.

6
Q

What is the fifth layer of SABSA?

A

Component: Tradesman/Technician’s view: Component view of individual security services.

7
Q

What is the sixth layer of SABSA?

A

Operational: Facility Manager’s view: Security operations.

8
Q

Name the 5 COBIT key principles.

A

1. Meeting stakeholder needs
2. Covering the enterprise end to end
3. Applying a single integrated framework
4. Enabling a holistic approach
5. Separating governance from management

9
Q

How many enterprise goals and IT-related goals does COBIT specify?

A

17 each

10
Q

What is ITIL the de facto standard for?

A

IT Service Management

11
Q

What are the main components of ITIL?

A

Service Strategy, Service Design, Service Operation, Service Transition

12
Q

Name the first COBIT process.

A

Align, plan and organise

13
Q

Name the second COBIT process.

A

Build, acquire and implement

14
Q

Name the third COBIT process.

A

Deliver, service and support

15
Q

Name the fourth COBIT process.

A

Monitor, evaluate and assess

16
Q

Name the fifth COBIT process.

A

Evaluate, direct and monitor

17
Q

Name the first enabler of COBIT.

A

Principles, policies, frameworks

18
Q

Name the second enabler of COBIT.

19
Q

Name the third enabler of COBIT.

A

Organizational structures

20
Q

Name the fourth enabler of COBIT.

A

Culture, ethics and behaviour

21
Q

Name the fifth enabler of COBIT.

A

Information

22
Q

What are the different views of TOGAF?

A

Business, Data architecture, application, technology

23
Q

How is TOGAF architecture reviewed? A) Monthly B) Annually C) Continuously D) Never

A

C) Continuously

24
Q

What is an enterprise?

A

An “enterprise” in this context is any collection of organizations that has a common set of goals and/or a single bottom line.

25
Q

What is enterprise architecture?

A

Both an entire enterprise, encompassing all of its information systems, and a specific domain within the enterprise.

26
Q

What is TOGAF?

A

An architecture framework.

27
Q

What is an architecture framework?

A

An architecture framework is a tool which can be used for developing a broad range of different architectures.

28
Q

What is the TOGAF Enterprise Continuum?

A

The Enterprise Continuum is a "virtual repository" of all the architecture assets - models, patterns, architecture descriptions, etc.

29
Q

What is an architecture description?

A

An architecture description is a formal description of an information system.

30
Q

What is the TOGAF Architecture Development Method (ADM)?

A

Used to develop an organization-specific enterprise architecture that addresses business requirements.

31
Q

TOGAF Resource Base

A

Set of resources - guidelines, templates, checklists - supporting the TOGAF ADM.

32
Q

What are the five NIST cybersecurity framework functions?

A

Identify, Protect, Detect, Respond, Recover

33
Q

The 6 security actions of the Cisco Security Control Framework

A

Identify, Monitor, Correlate, Harden, Isolate, Enforce

34
Q

What are the 3 goals of the Cisco Security Control Framework?

A

* Protect the IT infrastructure
* Protect the IT assets using network-based controls
* Mitigate and respond to security incidents using network-based controls

35
Q

Go through the step-by-step process of TOGAF ADM

A

Architecture vision, business, information system, technology architecture, solutions, migration, planning, implementation governance and change management

36
Q

Name All SABSA Layers

A

Contextual, Conceptual, Logical, Physical, Operational

37
Q

What is the number of columns and rows in the SABSA Matrix?

A

6x6

38
Q

How many columns and rows are there in the Zachman Framework?

A

6x6

39
Q

Why is governance important?

A

Governance is about making sure management are not taking shortcuts to achieve their goals (make money or promotion or meet business objectives).

40