2.2 - Describe the features of common frameworks for security architectures

Question 1

What is the ISO 9001 Deming cycle?

Answer 1

Plan-do-check-act (PDCA)

Question 2

What is the first layer of SABSA?

Answer 2

Contextual: Business view, assets to be protected in context.

Question 3

What is the second layer of SABSA?

Answer 3

Conceptual: Architects view: High-level view of services to protect the assets.

Question 4

What is the third layer of SABSA?

Answer 4

Logical: Designers view: Node-level view of services and relationships.

Question 5

What is the fourth layer of SABSA?

Answer 5

Physical: Builders view: Detailed node level view and how deployed with physical assets.

Question 6

What is the fifth layer of SABSA?

Answer 6

Component: Tradesman/Technician’s view: Component view of individual security services.

Question 7

What is the sixth layer of SABSA?

Answer 7

Operational: Facility Manager’s view: Security operations.

Question 8

Name the 5 cobit key principles

Answer 8

1. Meeting stakeholder needs 2. Covering the enterprise end to end 3. Applying a single integrated framework 4. Enabling a holistic approach 5. Separating governance from management

Question 9

How many enterprise goals and IT-related goals does cobit specific?

Answer 9

17 each

Question 10

What is ITIL defacto of?

Answer 10

IT Service Management

Question 11

What are the main components of ITIL?

Answer 11

Service strategy, Service Design, Service operation, service transition

Question 12

Name the first cobit process

Answer 12

Align, plan and organise

Question 13

Name the second cobit process

Answer 13

Build, acquire and implement

Question 14

Name the third cobit process

Answer 14

Deliver, service and support

Question 15

Name the fourth cobit process

Answer 15

Monitor, Evaluate and assess

Question 16

Name the fifth cobit process

Answer 16

Evaluate, direct and monitor

Question 17

Name the first enabler of cobit

Answer 17

Principles, policies, frameworks

Question 18

Name the second enabler of cobit

Answer 18

Processes

Question 19

Name the third enabler of cobit

Answer 19

Organizational structures

Question 20

Name the fourth enabler of cobit

Answer 20

Culture, ethics and behaviour

Question 21

Name the fifth enabler of cobit

Answer 21

Information

Question 22

What are the different views of TOGAF?

Answer 22

Business, Data architecture, application, technology

Question 23

How is TOGAF architecture reviewed? A) Monthly B) Annually C) Continuously D) Never

Answer 23

C) Continuously

Question 24

What is an enterprise?

Answer 24

“enterprise” in this context is any collection of organizations that has a common set of goals and/or a single bottom line

Question 25

What is enterprise architecture?

Answer 25

Both an entire enterprise, encompassing all of its information systems, and a specific domain within the enterprise

Question 26

What is TOGAF?

Answer 26

An architecture framework.

Question 27

What is an architecture framework?

Answer 27

An architecture framework is a tool which can be used for developing a broad range of different architectures

Question 28

What is the TOGAF Enterprise Continuum?

Answer 28

The Enterprise Continuum, which is a “virtual repository” of all the architecture assets - models, patterns, architecture descriptions, etc

Question 29

What is an architecture description?

Answer 29

An architecture description is a formal description of an information system

Question 30

What is the TOGAF Architecture Development Method (ADM)?

Answer 30

Used to develop an organization-specific enterprise architecture that addresses business requirements.

Question 31

TOGAF Resource Base

Answer 31

set of resources - guidelines, templates, checklists - supporting the TOGAF ADM.

Question 32

What are the five NIST cybersecurity framework functions?

Answer 32

Identify, Protect, Detect, Respond, Recover

Question 33

The 6 security actions of the Cisco Security Control Framework

Answer 33

Identify, Monitor, Correlate, Harden, Isolate, Enforce

Question 34

What are the 3 goals of the Cisco Security Control Framework?

Answer 34

• Protect the IT infrastructure
• Protect the IT assets using network-based controls
• Mitigate and respond to security incidents using network-based controls

Question 35

Go through the step-by-step process of TOGAF ADM

Answer 35

architecture vision, buisness, information system, technology architecture, solutions, migration, planning, implementation governanace and change management

Question 36

Name All SABSA Layers

Answer 36

Contextual

Conceptual

Logical

Physical

Operational

Question 37

What is the number of columns and rows in the SABSA Matrix

Answer 37

6x6

Question 38

How many columns and rows are there in the Zachman Framework?

Answer 38

6x6

Question 39

Why is governance important?

Answer 39

Governanace is about making sure management are not taking shortcuts to achive their goals (make money or promotion or meet business objectives)