Domain 1 set 3

Question 1

What is the most common type of policy?

Answer 1

Advisory

Question 2

Who is responsible for Data Classifications?

Answer 2

Data owners

Question 3

Who handles the Day to Day Data Governance

Answer 3

Data Steward

Question 4

A Scheme for classifying Data with Categories?

Answer 4

Taxonomy

HR, Executives, union, ETC…

Question 5

The Cost of Security of a Risk comes from?

Answer 5

Quantitative anaysis

Question 6

Aweakness or lack of a safeguard?

Answer 6

Vulnerability

Question 7

3 ways to Mitigate Risk?

Answer 7

1. Reduce2. Accept3. Transfer

Question 8

Security Governance is the reponsabley of who?

Answer 8

upper management (the Board)

Question 9

Which standard comes from ISACA?

Answer 9

COBIT

Question 10

How long is a trademark?

Answer 10

10 years

Question 11

A dollar figure that represents what the asset is worth to the organization

Answer 11

(AV) Asset Value

Question 12

What are The Risk control Frameworks?

Answer 12

1. COSO
2. COBIT
3. ISO 27001
4. NIST 800_53 (government agencies)

Question 13

What type of law regulates conduct for company’s

Answer 13

Administrative (regulatory)

Question 14

minimum acceptable security configuration for a system or process

Answer 14

baseline

Question 15

How long is the Strategic plan made for?

Answer 15

5 years

Question 16

Determining which portions of the a standard an organization will use?

Answer 16

Scoping

Question 17

What process finds trust boundaries and data flow paths?

Answer 17

Reduction Analysis

Question 18

SCI

Answer 18

Sensitive Compartmented Information

Question 19

A security Camera is what type of control?

Answer 19

Technical Control

Question 20

Who sets the frame work?

Answer 20

upper management (the Board)

Question 21

Types of intellectual property’s

Answer 21

1. trade Secrets
2. Copyrights
3. Trademarks
4. Patents

Question 22

Delphi Technique is part of?

Answer 22

Qualitative Risk Analysis

Question 23

Vertical Control and Horizontal Control are?

Answer 23

(SCI) Sensitive Compartmented InformationGovernment

Question 24

The 3 Risk Methodologies?

Answer 24

1. Octave
2. Frap
3. NIST 800-30

Question 25

A Defaced of a homepage is what part of the IAAA?

Answer 25

Integrity

Question 26

What type of policy is Mandatory with High level statements that supports strategic Goals of the Organization.

Answer 26

Organizational security Policy

Question 27

ESI

Answer 27

Electronically Stored information

Question 28

What are the Steps in Risk Management?

Answer 28

1. Risk Assessment
2. Risk Analysis
3. Risk Mitigation
4. Risk Monitoring

Question 29

Customizing a standard for an organization is called?

Answer 29

Tailoring

Question 30

The 3 law types

Answer 30

1. Criminal Law - Jail time
2. Civil Law - Due Care
3. Administrative (regulatory) HIPAA

Question 31

IT goals in mind standard?

Answer 31

COBIT

Question 32

SLE

Answer 32

Single loss Expectancy