Domain 1 - Security and Risk Management - Corporate Officer Liability (SOX) Flashcards

1
Q

Executives are not held liable if the organization they represent is not compliant with the law.
True or false?

A

False. Executives are now held liable if the organization they represent is not compliant with the law.

2
Q

Which of the following best describes negligence when there is a failure to implement recommended precautions?

there is no contingency/disaster recovery plan

failure to conduct appropriate background checks

failure to institute appropriate information security measures

failure to follow policy or local laws and regulations

All of the above

A

All of the above

3
Q

What is TCSEC?

A

Trusted Computer System Evaluation Criteria

4
Q

What is ITSEC?

A

Information Technology Security Evaluation Criteria

5
Q

Define TCSEC.

A
  • issued in 1983 by the National Computer Security Center
  • frequently referred to as the Orange Book
  • centerpiece of the DoD Rainbow Series publications
  • set requirements for built-in security controls on systems that would be processing classified information
  • TCSEC was replaced by the Common Criteria standard in 2005

6
Q

Define ITSEC.

A
  • issued May 1990 by France, Germany, the Netherlands and the UK
  • referred to as the European version of TCSEC
  • ITSEC was replaced by the Common Criteria standard in 2005

7
Q

TCSEC and ITSEC came together in the Common Criteria. What is considered overlap from the original frameworks of the two? Part 1

A

A. level of confidentiality and privacy protections
B. strong in anti-spam and legitimate marketing
C. user claims identity, used for user access control
D. determine actions to an individual person
E. User may refuse cookies to be stored and user must be provided with information

8
Q

TCSEC and ITSEC came together in the Common Criteria. What is considered overlap from the original frameworks of the two? Part 2

A

A. level of confidentiality and privacy protections
B. Takes an OPT-IN approach to unsolicited commercial electronic communications
C. Member states in the EU can make their own laws, e.g. on retention of data
D. Directs public directories to be subjected to tight controls
E. rights and permissions granted

9
Q

What is COSO?

A

Committee of Sponsoring Organizations of the Treadway Commission

10
Q

Define COSO.

A

Framework used to achieve Sarbanes-Oxley Section 404 compliance
