CISM Flashcards
What is a Metric
Quantifiable entity that allows the measurement of the achievement of a process goal
Phases of Incident Response
Prepare
Identify
Contain
Eradicate
Restore
GRC
Governance, Risk Management, Compliance
IRT role that ensures incident response actions and procedures comply with legal and regulatory requirements
Legal Representative
Component of GRC that is the responsibility of senior management and the BoD, and focuses on creating mechanisms to ensure personnel follow established processes and policies
Governance
IRT role writes incident response reports and documents lessons learned
Incident handler
What is meant by Incident Response?
Planning, coordinating, and executing appropriate mitigation, containment, and recovery strategies and actions
According to ISACA, what are the 5 main components of a Security Review?
Objective, Scope, Constraints, Approach, Result
IRT role that writes reports of investigation findings
Investigator
Role that develops the security strategy with business objectives
CISO or Info Sec manager
What does the acronym CSF mean?
Critical Success Factor
In which risk assessment phase are specific risk scenarios and possible outcomes developed?
Risk Identification
IRT role that documents the steps taken when executing the incident response plan
Incident handler
Purpose of a RACI Chart
Define the various roles associated with aspects of an info sec program
Control category that provides warnings that can deter potential compromise
Deterrent Controls
What is COBIT 5?
Framework that focuses on value from IT by maintaining a balance between realizing benefits and optimizing risk levels and resource use
5 principles of COBIT 5
Meeting the stakeholders' needs
Covering the enterprise end to end
Applying a single integrated framework
Enabling a holistic approach
Separating governance from management
ALE
Single loss expectancy (SLE) x Annualized rate of occurrence (ARO)
ALE=SLE x ARO
ARO
Annualized rate of occurrence
AUP
Acceptable Use Policy
SDO = Service Delivery Objective
Level of service supported during alternate process mode until the normal situation is restored
4 commonly accepted subsets of enterprise architecture according to ISACA
Business Architecture
Data Architecture
Applications Architecture
Technology Architecture
Intangible assets
Patents, copyrights, reputation, data
What control category deters potential compromise?
Deterrent Controls
IRT role that performs proactive and reactive measures to control the info risk level
Info Sec manager
IRT role that takes responsibility for the overall incident management and response concept
Security Steering Group
IRT role that makes final decisions regarding incidents
Security Steering Group
IRT role that finds the root cause of an incident
Investigator
IRT role that performs IT security assessments/audits as a proactive measure and as part of vulnerability management
IT Sec Specialist
IRT role that develops and maintains incident management and response capability
Info Sec Manager
IRT role that approves the incident management team (IMT) charter
Security Steering Group
IRT role that approves deviations and exceptions to the Incident Response Plan
Security Steering Group
IRT role responsible for coordinating the activities of all other recovery teams and handling key decision making
Emergency Management Team
4 perspectives in a Balanced Scorecard
Financial
Customer
Business Process
Learning and growth
When to accept the risk
When the cost of mitigating the risk is higher than the value of the asset
Exposure
Extent to which a vulnerability is exposed to a threat
FRaaS
Forensics as a Service
IDaaS
Identity as a Service
PDCA
Plan, Do, Check, Act
IMT
Incident Management Team
3 goals of a BIA
Criticality prioritization
Downtime estimation
Resource requirements