5.1

Question 1

information security policies

Answer 1

the big list of all security-related policies. centralized resource for processes

Question 2

sldc

Answer 2

software development lifecycle, systems development life cycle

Question 3

playbooks

Answer 3

conditional steps to follow. step by step set of processes and procedures

Question 4

SOAR

Answer 4

Security Orchestration, Automation, and Response

enables security teams to integrate and coordinate separate tools into streamlined threat response workflows

Question 5

governance structures for an organization

Answer 5

boards-panel of specialists
committees-subject matter experts
govt entities
centralized(one location)/decentralized(different locations)

Question 6

regulatory

Answer 6

regulations are often mandated

Question 7

legal

Answer 7

legal responsibilties reporting illegal activites etc

Question 8

geographical security

Answer 8

national- federal and national defense
global- multinational, legal concerns vary by country

Question 9

data roles

Answer 9

data controller-manages the purpose
data processor- processes on behalf of the controller
data custodian- responsible for securing data

Question 10

data custodian

Answer 10

responsible for securing data