CyberFrameworks Flashcards

1
Q

COBIT

A

is a documented set of best IT security practices crafted by the Information Systems Audit and Control Association (ISACA). It prescribes goals and requirements for security controls and encourages the mapping of IT security ideals to business objectives.

2
Q

COBIT (6 principles)

A

■ Provide Stakeholder Value
■ Holistic Approach
■ Dynamic Governance System
■ Governance Distinct from Management
■ Tailored to Enterprise Needs
■ End-to-End Governance System

3
Q

NIST 800-53 Rev. 5

A

U.S. government–sourced general recommendations for organizational security.

4
Q

Center for Internet Security (CIS)

A

provides OS, application, and hardware security configuration guides

5
Q

NIST Risk Management Framework (RMF)

A

establishes mandatory requirements for federal agencies. The RMF has six phases: Categorize, Select, Implement, Assess, Authorize, and Monitor.

6
Q

NIST Cybersecurity Framework (CSF)

A

is designed for critical infrastructure and commercial organizations, and consists of five functions:
Identify,
Protect,
Detect,
Respond,
Recover.
It is a prescription of operational activities that are to be performed on an ongoing basis for the support and improvement of security over time.

7
Q

ISO 27000

A

an international standard that can be the basis of implementing organizational security and related management practices

8
Q

Information Technology Infrastructure Library (ITIL)

A

crafted by the British government, is a set of recommended best practices for optimization of IT services to support business growth, transformation, and change. ITIL focuses on understanding how IT and security need to be integrated with and aligned to the objectives of an organization. ITIL covers operational processes and is often used as a starting point for the crafting of a customized IT security solution within an established infrastructure.

9
Q

threat modeling framework

A

assets/attackers/software, STRIDE, PASTA, VAST, diagramming, reduction/decomposing, and DREAD.

10
Q

STRIDE

A

Spoofing
Tampering
Repudiation
Information Disclosure
Denial of Service
Elevation of Privilege

11
Q

PASTA

A

Process for Attack Simulation and Threat Analysis.

PASTA is a risk-centric approach that aims at selecting or developing countermeasures in relation

12
Q

VAST

A

Visual, Agile, and Simple Threat.

is a threat modeling concept that integrates threat and risk management into an Agile programming environment on a scalable basis.
