Governance, Risk , Compliance

Question 1

DSAR

Answer 1

Data Subject Access Requests

Must be executed without undue delay and at the latest, within one month of receipt

Question 2

GDPR

Answer 2

General Data Protection Regulation

Question 3

DPO

Answer 3

Data Protection Officer

Question 4

CIS CSC

Answer 4

Centre for Internet Security Critical Security Controls

Question 5

NIST RMF

Answer 5

National Institute of Standards and Technology Risk Management Framework
Mandatory for US Federal data

Question 6

ISO/IEC 27001

Answer 6

Standard for an information security management system (ISMS)

Question 7

ISO/IEC 27002

Answer 7

Code or practice for information security controls

Question 8

ISO/IEC 27701

Answer 8

Privacy information management systems (PIMS)

Question 9

ISO 3100

Answer 9

International standards for risk management practices

Question 10

CCMP

Answer 10

Counter Mode Cipher Block Chaining Message Authentication Code Protocol
Used in WPA2 and uses Advanced Encryption Standard (AES)

Question 11

WPA3

Answer 11

Wi-Fi Protected Access v3
Requirement to be supported since 2018.
Added network authentication over WPA2
SAE replacing pre shared keys.
And perfect forward secrecy

Question 12

SAE

Answer 12

Simultaneous Authentication of Equals

Question 13

Perfect Forward Secrecy

Answer 13

Process changes encryption keys on an ongoing basis

Question 14

ISO 3100

Answer 14

Covers Risk management

Question 15

MSA

Answer 15

Master Service Agreement
Umbrella contract for work a vendor does over a period of time

Question 16

SLA

Answer 16

Service Level Agreement

Question 17

MOU

Answer 17

Memorandum Of Understanding

A letter written to document aspects of a relationship

Question 18

BPA

Answer 18

Business Partnership Agreement

When two organisations agree to work together

Question 19

NIST CSF Core 5 functions

Answer 19

Identify
Protect
Detect
Respond
Recover

Question 20

NIST CSF Maturity Model

Answer 20

Partial
Informed
Repeatable
Adaptive